In cryptography, an initialization vector (IV) is a block of bits combined with the first block of data during an encryption operation. It is used with the modes of operation of a symmetric block cipher, or with a stream cipher such as RC4. In some cryptosystems, the vector is generated randomly and then transmitted in the clear with the rest of the message. In other systems, data such as the inode of the encrypted file can be used.
Vulnerabilities with stream ciphers
Encrypting several files with the same key requires care when creating the initialization vectors. In particular, one must avoid being vulnerable to an attack based on a simple XOR operation. Let C1 and C2 be two messages encrypted with a stream cipher (an XOR between the data and a pseudo-random sequence generated by the algorithm). The same key and the same initialization vector are used to encrypt the two original messages M1 and M2. Because the pseudo-random sequence is then identical for both messages, it cancels out, and the following relation holds, which makes it easy to recover the two plaintext messages:
C1 XOR C2 = M1 XOR M2
This is why a different initialization vector is used for each encryption. If the key is not the same, the relation above no longer holds.
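The relation above can be checked directly. The following Python sketch is an added example, not part of the original article: it uses a toy keystream built from SHA-256 as a stand-in for a real stream cipher (it is not RC4), and the key, IVs, messages and helper names are constructed for illustration. It also includes a simple check that flags initialization vectors repeated under one key.

```python
import hashlib
from collections import Counter

def keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Toy keystream: SHA-256 over key || iv || counter (a stand-in, not RC4)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + iv + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR, truncated to the shorter input."""
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, iv: bytes, message: bytes) -> bytes:
    """Stream encryption: message XOR keystream(key, iv)."""
    return xor(message, keystream(key, iv, len(message)))

def relation_holds(key: bytes, iv1: bytes, iv2: bytes, m1: bytes, m2: bytes) -> bool:
    """True when C1 XOR C2 == M1 XOR M2, i.e. the keystream cancelled out."""
    c1 = encrypt(key, iv1, m1)
    c2 = encrypt(key, iv2, m2)
    return xor(c1, c2) == xor(m1, m2)

def reused_ivs(records):
    """Given (iv, ciphertext) pairs produced under one key, list repeated IVs."""
    counts = Counter(iv for iv, _ in records)
    return sorted(iv for iv, n in counts.items() if n > 1)

# Constructed sample data (not from the article).
KEY = b"constructed-demo-key"
M1 = b"TRANSFER 100 EUR TO ALICE"
M2 = b"MEETING MOVED TO TUESDAY."
IV_A = bytes(8)                # all-zero IV
IV_B = bytes([0] * 7 + [1])    # a different IV

if __name__ == "__main__":
    print("same key, same IV  :", relation_holds(KEY, IV_A, IV_A, M1, M2))
    print("same key, other IV :", relation_holds(KEY, IV_A, IV_B, M1, M2))
    log = [(IV_A, encrypt(KEY, IV_A, M1)),
           (IV_B, encrypt(KEY, IV_B, M2)),
           (IV_A, encrypt(KEY, IV_A, M2))]
    print("reused IVs         :", [iv.hex() for iv in reused_ivs(log)])
```
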
Vulnerabilities with block ciphers
Modes of operation make it possible to chain several blocks and to process data of arbitrary length. The simplest mode, ECB, splits the data into blocks and processes them independently of one another. ECB does not use an initialization vector. Consider the following two messages: ATTENTION AUX ATTAQUES EN CRYPTO ("beware of attacks in crypto") and ATTENDEZ ENCORE UN INSTANT SVP. ("please wait a moment longer"), encrypted with a block cipher (with blocks of four characters). The first message is cut into blocks of four characters and each block is encrypted without regard to the others:
ATTE|NTIO|N AU|X AT|TAQU|ES E|N CR|YPTO
UAKQ|LYLS|QP9M|PO3F|AP0R|ITBV|D5TH|JJDC
The same operation is carried out with the same key on the other text:
ATTE|NDEZ| ENC|ORE |UN I|NSTA|NT S|VP.
UAKQ|IQKL|IQKA|NXYS|TICF|KY92|3MRT|GKYX
It is easy to see that the first block "ATTE" encrypts to "UAKQ". It appears in both ciphertexts, which could guide a cryptanalyst. Using another mode of operation that takes an initialization vector avoids this kind of problem, but certain details still need attention. In CBC without an initialization vector, each block is XORed with the ciphertext of the preceding block. But here again there is the same problem as with ECB. With an initialization vector, an XOR is performed between the vector and the first block of data. With the same key but two different vectors, the same message is not encrypted the same way, and an attack like the one described above is avoided.
Weaknesses in the Microsoft Office suite
In 2005, a Chinese researcher discovered a significant flaw in the encryption of Microsoft Word and Excel documents. The initialization vector remains constant for a given document despite any modifications made to it. If the key remains the same, a very large amount of information can be recovered.
Misuse of RC4 in the WEP protocol
The WEP protocol uses the RC4 stream cipher to encrypt data on Wi-Fi wireless networks. But its implementation is vulnerable and several attacks have been developed. In 2001, Shamir, Fluhrer and Mantin discovered a problem in the key schedule of RC4 as used in WEP. By capturing enough packets, one can build a list of particular initialization vectors that make it possible to conduct the attack. The attack concentrates on the first encrypted byte of each packet. With heavy traffic, the key can be recovered quickly (a few minutes with a PC on 64-bit WEP).
External links
- The Misuse of RC4 in Microsoft Word and Excel
- Using the Fluhrer, Mantin, and Shamir Attack to Break WEP