Efficient Subversion of Symmetric Encryption with Random Initialization Vector

Joonsang BAEK  Ilsun YOU  

IEICE TRANSACTIONS on Information and Systems   Vol.E99-D   No.4   pp.1251-1254
Publication Date: 2016/04/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2015EDL8224
Type of Manuscript: LETTER
Category: Information Network
Keywords: subversion, symmetric encryption, random IV


This paper presents an efficient subverted symmetric encryption scheme, which outputs a random initialization vector (IV). Compared with the available scheme of the same kind in the literature, our attack provides a saboteur (big brother) with much faster recovery of a key used in a victim's symmetric encryption scheme. Our result implies that care must be taken when a symmetric encryption scheme with a random IV, such as randomized CBC, is deployed.