[GH-ISSUE #189] 推送加密CBC模式IV处理不当 #171

New issue

Closed

opened 2026-03-03 11:37:41 +03:00 by kerem · 1 comment

kerem commented

2026-03-03 11:37:41 +03:00

Owner

Originally created by @zhangyoufu on GitHub (Mar 18, 2023).
Original GitHub issue: https://github.com/Finb/Bark/issues/189

CBC模式下，IV应当由服务器端（使用CSPRNG）随机产生。配置单一、固定的IV会显著削弱安全性。

https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)

For most block cipher modes it is important that an initialization vector is never reused under the same key, i.e. it must be a cryptographic nonce.

Originally created by @zhangyoufu on GitHub (Mar 18, 2023). Original GitHub issue: https://github.com/Finb/Bark/issues/189 CBC模式下，IV应当由服务器端（使用CSPRNG）随机产生。配置单一、固定的IV会显著削弱安全性。 https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV) > For most block cipher modes it is important that an initialization vector is never reused under the same key, i.e. it must be a [cryptographic nonce](https://en.wikipedia.org/wiki/Cryptographic_nonce).