CRYPTO NEWS

Supreme Team Interviews

Sending KCV (key check value) with cipher text

I was wondering why it is not more common to send the KCV of a secret key together with the cipher text. I see many systems that send cipher text and properly prepend the IV to e.g. a CBC mode encryption. Wouldn’t it be easier to prepend another <blocksize> bytes with the KCV together with::Listen

I was wondering why it is not more common to send the KCV of a secret key together with the cipher text. I see many systems that send cipher text and properly prepend the IV to e.g. a CBC mode encryption. Wouldn’t it be easier to prepend another <blocksize> bytes with the KCV together with it? A good block cipher should not be vulnerable to known plain text, so I personally don’t see any issue with sending the KCV.

It would of course be less efficient, but the upside is that you can distinquish with some certainty between using the wrong key and a general decryption failure. I say "some" certainty because if the first [blocksize] bytes are (too) garbled, then the compare would obviously fail. That said, it’s unlikely that an single block, ECB mode encrypt of [blocksize] bytes would go wrong in any way.

PS The cryptoki standards only use the first three bytes of the KCV, but I think that this is mostly a convenience, and only partly a security measure (against brute force)?

Supreme Team Interviews

Shopping cart
There are no products in the cart!
Continue shopping
0