[87058] in Cypherpunks


Re: The CipherSaber Manifesto

daemon@ATHENA.MIT.EDU (Antonomasia)
Thu Sep 25 05:50:04 1997

Date: Thu, 25 Sep 1997 01:42:45 +0100
From: Antonomasia <ant@notatla.demon.co.uk>
To: cypherpunks@ssz.com, reinhold@world.std.com
Reply-To: Antonomasia <ant@notatla.demon.co.uk>

reinhold@world.std.com (Arnold Reinhold) wrote:

> CipherSaber-1 (CS1) uses Ron Rivest's RC4 algorithm as published in
> the second edition of Bruce Schneier's Applied Cryptography. ....

> CipherSaber-1 is a symmetric-key file encryption system. Messaging
> takes place by attaching binary files to e-mail. Because CipherSaber
> uses a stream cipher, an initialization vector must be used to prevent
> the same cipher key from being used twice. In encrypted CipherSaber-1
> files, a ten byte initialization vector precedes the coded data. For
> decryption, the initialization vector is read from the file and
> appended to the user key before the key setup step.  ......

Why not _prepend_ the IV to the key ?  As described here any
paranoics who use keys > 255 chars won't get the IV in place, and
will lose out.  I think I'd also force 4 bytes of the IV to be the
current time, as a defence against the (P?)RNG getting me a repeated IV
eventually.

--
##############################################################
# Antonomasia   ant@notatla.demon.co.uk                      #
# See http://www.notatla.demon.co.uk/                        #
##############################################################
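The following is an added worked example, not code from the original post, from Arnold Reinhold, or from the CipherSaber project. It implements RC4 as described in the quoted text (256-step key setup reading key[i mod len(key)], then the usual output loop), wraps it in the CipherSaber-1 file layout (10-byte IV header, IV appended to the user key before key setup), and adds a prepend_iv switch so the two placements the reply discusses can be compared. The function names, the 10-byte IV_LEN constant, and the time-plus-random IV helper are assumptions made here for illustration; the IV helper follows the reply's suggestion of 4 bytes of current time. The point the code makes concrete: the key-setup loop only ever reads key positions 0..255, so with a user key of 247 bytes or more an appended IV is partly or wholly skipped, and at 256 bytes or more the keystream no longer depends on the IV at all, while a prepended IV always lands in positions 0..9.

```python
"""CipherSaber-1 style RC4 with a 10-byte IV: appended vs prepended IV.
Added example; not the original post's code. Names are illustrative."""
import os
import struct
import time

IV_LEN = 10  # CipherSaber-1 IV length, per the quoted description


def rc4_ksa(key: bytes) -> list:
    """RC4 key scheduling: 256 swaps, reading key[i % len(key)].
    Only key positions 0..255 are ever read, whatever len(key) is."""
    if len(key) == 0:
        raise ValueError("empty key")
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with the RC4 keystream for key (encrypts and decrypts)."""
    S = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for b in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(b ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def setup_key(user_key: bytes, iv: bytes, prepend_iv: bool) -> bytes:
    """CipherSaber-1 appends the IV; prepend_iv=True is the reply's variant."""
    return iv + user_key if prepend_iv else user_key + iv


def make_iv_with_time(rng=os.urandom) -> bytes:
    """IV as the reply suggests: 4 bytes of current time, rest random.
    (Assumed layout, big-endian seconds; not part of CipherSaber-1.)"""
    return struct.pack(">I", int(time.time()) & 0xFFFFFFFF) + rng(IV_LEN - 4)


def cs1_encrypt(user_key: bytes, plaintext: bytes, iv: bytes = None,
                prepend_iv: bool = False) -> bytes:
    """Return IV || RC4(setup_key, plaintext), the CipherSaber-1 file layout."""
    if iv is None:
        iv = os.urandom(IV_LEN)
    if len(iv) != IV_LEN:
        raise ValueError("IV must be %d bytes" % IV_LEN)
    return iv + rc4_xor(setup_key(user_key, iv, prepend_iv), plaintext)


def cs1_decrypt(user_key: bytes, blob: bytes, prepend_iv: bool = False) -> bytes:
    """Read the IV from the file header, rebuild the setup key, decrypt."""
    if len(blob) < IV_LEN:
        raise ValueError("ciphertext shorter than IV header")
    iv, ct = blob[:IV_LEN], blob[IV_LEN:]
    return rc4_xor(setup_key(user_key, iv, prepend_iv), ct)


def iv_bytes_used_by_ksa(user_key_len: int, prepend_iv: bool = False) -> int:
    """How many of the IV bytes the 256-step key setup actually reads.
    Appended: IV occupies positions user_key_len .. user_key_len+9, and
    anything at position >= 256 is never read."""
    if prepend_iv:
        return IV_LEN
    return max(0, min(IV_LEN, 256 - user_key_len))


def keystream_depends_on_iv(user_key: bytes, prepend_iv: bool = False) -> bool:
    """Encrypt the same plaintext under two different IVs; True if the
    ciphertext bodies differ (i.e. the IV really changed the keystream)."""
    probe = bytes(32)
    c1 = cs1_encrypt(user_key, probe, iv=bytes(IV_LEN), prepend_iv=prepend_iv)
    c2 = cs1_encrypt(user_key, probe, iv=bytes([0xFF]) * IV_LEN, prepend_iv=prepend_iv)
    return c1[IV_LEN:] != c2[IV_LEN:]


if __name__ == "__main__":
    short_key = b"secret"            # constructed sample key
    long_key = bytes(300)            # constructed 300-byte "paranoid" key
    print("appended IV, 6-byte key:   IV bytes used =",
          iv_bytes_used_by_ksa(len(short_key)),
          "keystream varies with IV:", keystream_depends_on_iv(short_key))
    print("appended IV, 300-byte key: IV bytes used =",
          iv_bytes_used_by_ksa(len(long_key)),
          "keystream varies with IV:", keystream_depends_on_iv(long_key))
    print("prepended IV, 300-byte key: IV bytes used =",
          iv_bytes_used_by_ksa(len(long_key), prepend_iv=True),
          "keystream varies with IV:", keystream_depends_on_iv(long_key, True))
    blob = cs1_encrypt(short_key, b"hello world", iv=make_iv_with_time())
    print("round trip:", cs1_decrypt(short_key, blob))
```

With the 300-byte key and the IV appended, two files encrypted under different IVs carry identical ciphertext bodies: the IV is stored in the header but never enters the keystream, which is exactly the keystream-reuse the IV was meant to prevent. Prepending fixes that particular failure. A later caveat worth knowing: concatenating a public IV with the secret key, in either order, gives RC4 a related-key structure, and the prepended-IV form is the one broken by Fluhrer, Mantin and Shamir in 2001 (the WEP attack); CipherSaber-2 responded by repeating the key-setup loop many times rather than by moving the IV.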