dou47732 2011-05-02 18:33
浏览 204
已采纳

mcrypt_generic_init:iv参数的含义

I am reviewing a part of code using php mcrypt library to encrypt some binary data using the Blowfish cipher. Basically it creates a blowfish descriptor in the MCRYPT_MODE_CBC mode and then calls the mcrypt_generic_init function with the iv parameter always equal to '12345678'.

Simplified code extraction:

$cipher = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_CBC, '');
mcrypt_generic_init($cipher, $key, '12345678');

Documentation for the mcrypt-generic-init function says following:

The IV should normally have the size of the algorithms block size, but you must obtain the size by calling mcrypt_enc_get_iv_size(). IV is ignored in ECB. IV MUST exist in CFB, CBC, STREAM, nOFB and OFB modes. It needs to be random and unique (but not secret). The same IV must be used for encryption/decryption. If you do not want to use it you should set it to zeros, but this is not recommended.

My questions are:

What is this parameter used for? Is using of such value of the iv parameter a weakness? I am not sure, because it is said that it doesn't have to be secret, so an attacker can obtain it somehow. If it's not a weakness and such value of this parameter is perfectly ok, then why setting it to zeros is not recommended? Would it be significantly better to hardcode some pseudo random string instead of '12345678'?

  • 写回答

1条回答 默认 最新

  • dpd7195 2011-05-02 18:37
    关注

    It's the initialization vector:

    http://en.wikipedia.org/wiki/Initialization_vector

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?