key as IV considered harmful reference

Sam Hartman hartmans at MIT.EDU
Tue Mar 25 10:12:11 EST 2003

A few y.years ago, there was a pointer to a paper or attack discussed
here on recovering the IV from a CBC stream.  This attack is used as a
justification of why you don't want to use the key as an IV.  Does
anyone have a pointer to a paper or a description of the attack?

More information about the krbdev mailing list