[cs631apue] SWS encryption questions
Simon Sidhom
ssidhom at stevens.edu
Mon Dec 19 13:58:10 EST 2011
Hi Professor,
I'm working on encryption for the final project and I have run into a
couple of questions. First, setproctitle(3) is not installed on the linux
lab as it is a BSD function. Is is sufficient to overwrite the argument in
argv[key]? My other concern is the initialization vector (IV). On the
blowfish man page it says that the client needs to know the IV. It also
says that some applications just use 0 as an IV. As a cyber security major
I know that using 0 as an IV makes the encryption deterministic and
therefore vulnerable to chosen plain text attack. Is it ok to look past
that for the purpose of this assignment and just use 0? Is there a better
way to let the client know what the IV is?
Thanks for help on short notice,
Simon S. Sidhom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.stevens.edu/pipermail/cs631apue/attachments/20111219/450acf87/attachment.html>
More information about the cs631apue
mailing list