[xmlsec] Initialize IV for AES-CBC mode

Erwann Abalea erwann.abalea at certplus.com
Mon Jul 19 00:34:07 PDT 2004


On Fri, 16 Jul 2004, Aleksey Sanin wrote:

> Sorry, I don't see why application might want to specify IV by itself.

To be able to leak sensible bits? Something that looks random is a good
material for this purpose. It has been done in the past, it is still done
today, and I'd bet it'll be done again in the future.

-- 
Erwann ABALEA <eabalea at certplus.com> - RSA PGP Key ID: 0x2D0EABD5
-----
It's not with censorship that you're going to censor the censors.
-+- JL in GNU: Alas, censors for the scaffold -+-


