From: Guus S. <gu...@sl...> - 2002-04-02 22:18:04
On Tue, Apr 02, 2002 at 02:05:35PM -0700, James Yonan wrote:

> * If you try to use a CFB or OFB mode cipher, OpenVPN fails to warn you that
> you also need to use the --rand-iv option.
>
> * The --rand-iv option currently does not guarantee that each IV is unique
> for a given key. Uniqueness of IV is a requirement for CFB and OFB mode
> ciphers. OpenVPN normally uses IVs equal in size to the cipher block size

It is also required for CBC mode.

> which is usually 64 bits. There is a 50% probability that if you forward
> 2^32 packets, there will be two packets that have the same IV. The next
> release of OpenVPN will ensure that each IV is unique when used with a CFB
> or OFB mode cipher.

Ah, so actually the CFB and OFB modes do use an IV, but it's just 8 bits big?
And by virtue of the birthday paradox, that would mean there's 50% chance if
you forward more than 16 packets.

-- 
Met vriendelijke groet / with kind regards,
Guus Sliepen <gu...@sl...>
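
Added example, not part of the original message and not OpenVPN code: the birthday-bound arithmetic behind the IV-collision discussion above, for uniformly random IVs under a single key, checked against a simulation on 16-bit IVs. The function names are illustrative, and the seeded PRNG is an assumption made for reproducibility only.

```python
import math
import random


def collision_probability(iv_bits: int, packets: int) -> float:
    """Birthday approximation of P(at least one IV repeats) for random IVs."""
    exponent = packets * (packets - 1) / (2.0 * 2.0 ** iv_bits)
    return -math.expm1(-exponent)          # 1 - exp(-n(n-1)/2N), computed stably


def packets_for_probability(iv_bits: int, p: float = 0.5) -> int:
    """Smallest packet count whose approximate collision probability is >= p."""
    c = -2.0 * (2.0 ** iv_bits) * math.log1p(-p)   # need n*(n-1) >= c
    return math.ceil((1.0 + math.sqrt(1.0 + 4.0 * c)) / 2.0)


def empirical_collision_rate(iv_bits: int, packets: int,
                             trials: int = 2000, seed: int = 1) -> float:
    """Fraction of simulated sessions (one key each) in which an IV repeats."""
    # Seeded PRNG: reproducible simulation only, never a source of real IVs.
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        seen = set()
        for _ in range(packets):
            iv = rng.getrandbits(iv_bits)
            if iv in seen:                 # same IV used twice under one key
                hits += 1
                break
            seen.add(iv)
    return hits / trials


if __name__ == "__main__":
    # 64-bit IVs (block size of the ciphers discussed) after 2^32 packets.
    print("P(collision), 64-bit IV, 2^32 packets:",
          round(collision_probability(64, 2 ** 32), 4))
    print("packets for 50%, 64-bit IV:", packets_for_probability(64))
    # Small IV space so the simulation finishes quickly.
    n16 = packets_for_probability(16)
    print("16-bit IV: analytic", round(collision_probability(16, n16), 4),
          "simulated", empirical_collision_rate(16, n16))
```

A packet counter that refuses to wrap removes the collision probability entirely, which is the kind of uniqueness guarantee the quoted announcement promises for the next release.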