From: "Perry E. Metzger"
To: "Poul-Henning Kamp", tls@rek.tjls.com
Cc: tech-security@netbsd.org, hackers@freebsd.org, cryptography@metzdowd.com
Subject: Re: FUD about CGD and GBDE
Date: Thu, 03 Mar 2005 19:10:16 -0500
Message-ID: <87wtsogtjr.fsf@snark.piermont.com>
In-Reply-To: <20050303215114.GA18604@panix.com> (Thor Lancelot Simon's message of "Thu, 3 Mar 2005 16:51:14 -0500")
References: <11487.1109886334@critter.freebsd.dk> <20050303215114.GA18604@panix.com>

Thor Lancelot Simon writes:
> I think there's a misunderstanding here. Why do you think secrecy
> (unpredictability?) is an important property of an IV for a block
> cipher used in CBC mode? It's not an encryption key, it's an IV.

Indeed. The IV can (subject to some constraints) be anything you like.
Not having it public at very, very best denies one block from the
ciphertext to the attacker -- ultimately not very useful in this
application to prevent cracking given the low unicity distance.

-- 
Perry E. Metzger perry@piermont.com