> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of Edward Ned Harvey
> 
> attacker doesn't know is your key and your plaintext.  There is only one
> solution.  You must use a second key.  Use your first key to encrypt the
> second key (so an attacker can hopefully never know either one of your
> keys.)  Use your second key combined with the block number (I suggest
> encrypting or hashing the block number using the second key, but simple AND
> or XOR should also be fine) and use the resultant data as the IV for your
> actual encryption operation.

I don't see any reason why the second key couldn't match the first.  You
could simply encrypt the block number, and use the result as the IV when you
encrypt your actual data block, using ECB.  This is effectively
reimplementing CBC, where you don't make individual blocks dependent on each
other - instead you make each individual block dependent only on its block
number, where you're using the block number as the preceding block of data,
and the *only* preceding block of data.  Every block number is guaranteed
unique and independent, so you're able to do random access, and since there
are never any repeats, there will never be any repeated cipherblocks, even
if there is repeated plaintext.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
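
The single-key construction described in the reply above, as an added example that is not part of the original message and is not OpenSSL code. It assumes Go's standard crypto/aes in place of OpenSSL and one 16-byte AES block per "block"; the names tweak, Crypt and Demo and the sample key and plaintext are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// tweak returns E_K(n): the block number, zero-padded to 16 bytes and
// encrypted under the data key itself (the single-key variant in the reply).
func tweak(c cipher.Block, n uint64) []byte {
	iv := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint64(iv[8:], n)
	c.Encrypt(iv, iv)
	return iv
}

// Crypt processes one 16-byte block stored at position n.
// Encrypt: C = E_K(P xor E_K(n)). Decrypt: P = D_K(C) xor E_K(n).
func Crypt(key []byte, n uint64, in []byte, decrypt bool) []byte {
	c, err := aes.NewCipher(key)
	if err != nil || len(in) != aes.BlockSize {
		panic("need a valid AES key and exactly one 16-byte block")
	}
	iv, out := tweak(c, n), make([]byte, aes.BlockSize)
	copy(out, in)
	if decrypt {
		c.Decrypt(out, out)
	}
	for i := range out {
		out[i] ^= iv[i]
	}
	if !decrypt {
		c.Encrypt(out, out)
	}
	return out
}

// Demo runs the scheme on constructed sample data (key and plaintext are made up).
func Demo() (distinct, roundTrip, stable bool) {
	key, pt := []byte("constructed key!"), []byte("same 16B of data")
	c5, c6 := Crypt(key, 5, pt, false), Crypt(key, 6, pt, false)
	distinct = !bytes.Equal(c5, c6)                      // same plaintext, different position
	roundTrip = bytes.Equal(Crypt(key, 6, c6, true), pt) // block 6 decrypts on its own
	stable = bytes.Equal(c5, Crypt(key, 5, pt, false))   // rewriting block 5 repeats its ciphertext
	return
}

func main() { fmt.Println(Demo()) }
```

The third result shows that the IV is fixed per position: writing the same plaintext to the same block number again produces the same ciphertext, so two snapshots of the storage reveal which blocks changed.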
