dougudu3564
2015-09-17 15:03
Views: 174
Accepted

Why doesn't the golang crypto example use a random IV? [closed]

According to CWE-329, non-random IVs allow for the possibility of a dictionary attack. However, in the AES crypto example, the golang docs use a non-random IV:

    ciphertext := make([]byte, aes.BlockSize+len(plaintext))
    iv := ciphertext[:aes.BlockSize]

Is this implementation safe or should I use a random function to get my IV?

1 answer

  • douzhiling3166 2015-09-17 15:28
    Accepted

    It is secure, because the IV is filled from a Cryptographically Secure Pseudo Random Number Generator (CSPRNG), which is /dev/urandom by default and is provided by the OS. From the ExampleNewCBCEncrypter function:

    iv := ciphertext[:aes.BlockSize]
    if _, err := io.ReadFull(rand.Reader, iv); err != nil {
        panic(err)
    }
    
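The point of the answer above, as an added example that is not part of the original post or the Go documentation: `iv` is a view into the first block of `ciphertext`, so it is all zeros until `io.ReadFull(rand.Reader, iv)` fills it. The function names `encryptCBC` and `repeats`, the key and the plaintext are constructed for this illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"io"
)

// encryptCBC (hypothetical helper) returns IV||ciphertext for block-aligned input.
// With randomIV=false the IV stays as make() left it: all zero bytes, which is
// the CWE-329 case the question is worried about.
func encryptCBC(key, plaintext []byte, randomIV bool) ([]byte, error) {
	if len(plaintext)%aes.BlockSize != 0 {
		return nil, fmt.Errorf("plaintext is not a multiple of the block size")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	ciphertext := make([]byte, aes.BlockSize+len(plaintext))
	iv := ciphertext[:aes.BlockSize] // slice of ciphertext, not a copy
	if randomIV {
		if _, err := io.ReadFull(rand.Reader, iv); err != nil {
			return nil, err
		}
	}
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ciphertext[aes.BlockSize:], plaintext)
	return ciphertext, nil
}

// repeats reports whether encrypting msg twice under one key gives identical output.
func repeats(key, msg []byte, randomIV bool) bool {
	a, errA := encryptCBC(key, msg, randomIV)
	b, errB := encryptCBC(key, msg, randomIV)
	if errA != nil || errB != nil {
		panic("encryption failed")
	}
	return bytes.Equal(a, b)
}

func main() {
	key := []byte("constructed key!") // constructed 16-byte AES-128 demo key
	msg := []byte("exampleplaintext") // constructed 16-byte plaintext
	fmt.Println("zero IV, same output twice:  ", repeats(key, msg, false))
	fmt.Println("random IV, same output twice:", repeats(key, msg, true))
}
```

With the zero IV the same plaintext always encrypts to the same bytes, which is what makes a dictionary of known ciphertexts possible; with the IV read from `rand.Reader` the two outputs differ.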
