A few y.years ago, there was a pointer to a paper or attack discussed here on recovering the IV from a CBC stream. This attack is used as a justification of why you don't want to use the key as an IV. Does anyone have a pointer to a paper or a description of the attack?