Issue #8 that mentions the use of constant IV has not yet been resolved for over 9 months since the issue was originally reported.
This is not a security issue; however, it defeats the point of using CBC as the mode of operation for AES.
Explanation
The encryption used here is AES-128-CBC for encrypting and decrypting the transactions. The mode of operation for AES is CBC, i.e. Cipher Block Chaining. It uses an IV (Initialization Vector), which is XORed with the plaintext block. The result is then encrypted using AES with key 'k', and a ciphertext block is generated.
Now say the key used to encrypt the result of IV XOR plaintext block is the same for all encryptions (which is generally the case).
If the IV is random, two identical plaintext blocks will always result in two different ciphertext blocks.
Pseudo example: aes_encrypt("hello world" XOR IV_1, secret_key) and aes_encrypt("hello world" XOR IV_2, secret_key) will result in two completely different ciphertext blocks.
If the IV is constant, two identical plaintext blocks will always result in the same ciphertext block, provided the key used to encrypt was the same. Pseudo example: aes_encrypt("hello world" XOR IV, secret_key) and aes_encrypt("hello world" XOR IV, secret_key) will result in two identical ciphertext blocks.
Proposed Solution
Generate the IV every time an encryption is performed. The IV could be passed along with the checksum so the other side can decrypt. This way the integrity is still maintained. : )
Additional Note
You should also consider upgrading from AES-128-CBC with a 128-bit key to a much more secure 256-bit key length, or even GCM if possible for newer systems.