1
votes

I am reviewing a part of code using php mcrypt library to encrypt some binary data using the Blowfish cipher. Basically it creates a blowfish descriptor in the MCRYPT_MODE_CBC mode and then calls the mcrypt_generic_init function with the iv parameter always equal to '12345678'.

Simplified code extraction:

$cipher = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_CBC, '');
mcrypt_generic_init($cipher, $key, '12345678');

Documentation for the mcrypt-generic-init function says following:

The IV should normally have the size of the algorithms block size, but you must obtain the size by calling mcrypt_enc_get_iv_size(). IV is ignored in ECB. IV MUST exist in CFB, CBC, STREAM, nOFB and OFB modes. It needs to be random and unique (but not secret). The same IV must be used for encryption/decryption. If you do not want to use it you should set it to zeros, but this is not recommended.

My questions are:

What is this parameter used for? Is using of such value of the iv parameter a weakness? I am not sure, because it is said that it doesn't have to be secret, so an attacker can obtain it somehow. If it's not a weakness and such value of this parameter is perfectly ok, then why setting it to zeros is not recommended? Would it be significantly better to hardcode some pseudo random string instead of '12345678'?

1

1 Answers