Some people enjoy seeing their own posts on other users' Talk pages and re-reading them over and over again. Unfortunately for them, I prefer keeping my Talk page clean only showing the talks in progress on it.
If anyone finds reading outdated conversations to be an exciting way to spend their time, they are welcome to dig those up in the page history. I will keep maintaining my Talk page clean and up to date. If it's against Wikipedia rules, I insist that those rules are changed and everyone is assigned moderator privileges for their own user pages to be able to clean up their own Talk pages and their own user pages from any nonsense posted on them by unwelcome visitors.
— Ruptor 16:33, 3 October 2005 (UTC)
(Hi Ruptor, I know this is old, but I wasn't sure if you saw my response, so I just thought I would copy-and-paste it. Feel free to delete this "discussion".)
Hello, Michael! Thanks for taking time to contribute to the IV page. I just wanted to discuss your correction. I'm sure you'd agree that the recepient does need to know the IV to be able to decrypt the message. It was just probably worded incorrectly. The recepient doesn't necessarily need to receive the IV when it can be simply calculated or measured - the IV can be current time for instance, if it's properly synchronised. — Ruptor 16:40, 18 October 2005 (UTC)
Hi Ruptor,
Yes, I agree it was just a combination of ambiguous wording and my own ignorance. I realized this soon after, agonized over my change, and nearly reverted it. I'm glad, though, that it prompted you to add to the page, because I think your explanations really help.
However, I do think there is a key point about an IV that may be worthy of explanation in the Wikipedia article. There are really two ways to think about, or describe, what an IV is. (NB: I don't have much experience with stream ciphers, so this pertains to block ciphers only. Does a similar dichotomy exist with stream ciphers?)
The first view, the "IV as initial input" view, is what is described in your article. The IV is a block of data that is used to initiailize the feedback register. Here, it is obvious that the receiver needs to know the IV, since an encryption algorithm in feedback mode requires this input to operate correctly.
The other view, the "IV as salt" view, is that the IV is simply some random data that is included at the beginning of the plaintext, so that when encrypted (in feedback mode), the resulting ciphertext is unique. In this case, the feedback register is initialized with zeroes. Here, the receiver does not need to know the IV beforehand -- instead, the IV (as salt) is what the receiver sees as the first block after decrypting.
It seems clear that these two views are equivalent; the "IV as input" is merely the encrypted "IV as salt." (Note: If "IV as salt" doesn't really exist -- that is, if the distinction between "IV" and "salt" is clear to everyone, then either I am dense or the texts that I have read are poorly written, or both.)
I can understand why "IV as input" is the normal view, though, since it gives an implementor freedom to calculate the IV as they choose, and you nicely describe various ways that it can be computed. This freedom allows you to avoid, in some cases, the overhead of sending an extra block of encrypted data.
However, perhaps that is also the freedom to hang oneself? Schneir stresses in Applied Cryptography that the IV (as initial input) is not secret. So it seems to me that "IV as salt" has a minor advantage, in that the IV (as salt) is always encrypted with the private key. Therefore, even if an implementor chooses to unwisely attach semantics to the IV (i.e. it really should be secret), it is at least not available to an attacker in plaintext. Granted, since the feedback register is zeroed when encrypting the salt, the IV itself is exposed to the same attacks as ECB mode. With "IV as input," you can achieve the same protection as "IV as salt" by encrypting (in ECB mode) the IV. But I wonder how many people are actually doing that? It didn't even occur to me until just now.
Michael Birk 23:27, 28 October 2005 (UTC)
I agree with the WP:RPA guidelines and I keep my talk page clean by simply removing everything that I consider to be a personal attack or libel. — Ruptor 16:38, 17 October 2006 (UTC)
To get my point across, I have done some "censoring" on your comment — and I didn't even change any of your text! Please don't take any offense, it's just a prank. Of course you are welcome to revert me. :) (I hope I don't get chastised for WP:POINT...) -- intgr 22:54, 25 April 2007 (UTC)
I believe that your edits to the Talk:VEST page are inappropriate for Wikipedia; further, your account is in violation of the Wikipedia policy on Conflicts of Interest ( WP:COI ). Please do not continue this dispute in Wikipedia's pages any further. Georgewilliamherbert 02:45, 17 May 2007 (UTC)
Please drop me a message when you have a chance. Maxal ( talk) 12:49, 4 October 2013 (UTC)
Your upload of File:Algorithm diagram for XXTEA cipher.png or contribution to its description is noted, and thanks (even if belatedly) for your contribution. In order to help make better use of the media, an attempt has been made by an automated process to identify and add certain information to the media's description page.
This notification is placed on your talk page because a bot has identified you either as the uploader of the file, or as a contributor to its metadata. It would be appreciated if you could carefully review the information the bot added. To opt out of these notifications, please follow the instructions here. Thanks! Message delivered by Theo's Little Bot ( opt-out) 11:44, 17 December 2013 (UTC)
As an Australian Wikipedian, your opinion is sought on a proposal to advocate for the introduction of Fair Use into Australian copyright law. The discussion is taking place at the Australian Wikipedians' notice board, please read the proposal and comment there. MediaWiki message delivery MediaWiki message delivery ( talk) 11:08, 2 March 2017 (UTC)
This message has been automatically sent to all users in Category:Australian Wikipedians. If you do not wish to receive further messages like this, please either remove your user page from this category, or add yourself to Category:Opted-out of message delivery
Some people enjoy seeing their own posts on other users' Talk pages and re-reading them over and over again. Unfortunately for them, I prefer keeping my Talk page clean only showing the talks in progress on it.
If anyone finds reading outdated conversations to be an exciting way to spend their time, they are welcome to dig those up in the page history. I will keep maintaining my Talk page clean and up to date. If it's against Wikipedia rules, I insist that those rules are changed and everyone is assigned moderator privileges for their own user pages to be able to clean up their own Talk pages and their own user pages from any nonsense posted on them by unwelcome visitors.
— Ruptor 16:33, 3 October 2005 (UTC)
(Hi Ruptor, I know this is old, but I wasn't sure if you saw my response, so I just thought I would copy-and-paste it. Feel free to delete this "discussion".)
Hello, Michael! Thanks for taking time to contribute to the IV page. I just wanted to discuss your correction. I'm sure you'd agree that the recepient does need to know the IV to be able to decrypt the message. It was just probably worded incorrectly. The recepient doesn't necessarily need to receive the IV when it can be simply calculated or measured - the IV can be current time for instance, if it's properly synchronised. — Ruptor 16:40, 18 October 2005 (UTC)
Hi Ruptor,
Yes, I agree it was just a combination of ambiguous wording and my own ignorance. I realized this soon after, agonized over my change, and nearly reverted it. I'm glad, though, that it prompted you to add to the page, because I think your explanations really help.
However, I do think there is a key point about an IV that may be worthy of explanation in the Wikipedia article. There are really two ways to think about, or describe, what an IV is. (NB: I don't have much experience with stream ciphers, so this pertains to block ciphers only. Does a similar dichotomy exist with stream ciphers?)
The first view, the "IV as initial input" view, is what is described in your article. The IV is a block of data that is used to initiailize the feedback register. Here, it is obvious that the receiver needs to know the IV, since an encryption algorithm in feedback mode requires this input to operate correctly.
The other view, the "IV as salt" view, is that the IV is simply some random data that is included at the beginning of the plaintext, so that when encrypted (in feedback mode), the resulting ciphertext is unique. In this case, the feedback register is initialized with zeroes. Here, the receiver does not need to know the IV beforehand -- instead, the IV (as salt) is what the receiver sees as the first block after decrypting.
It seems clear that these two views are equivalent; the "IV as input" is merely the encrypted "IV as salt." (Note: If "IV as salt" doesn't really exist -- that is, if the distinction between "IV" and "salt" is clear to everyone, then either I am dense or the texts that I have read are poorly written, or both.)
I can understand why "IV as input" is the normal view, though, since it gives an implementor freedom to calculate the IV as they choose, and you nicely describe various ways that it can be computed. This freedom allows you to avoid, in some cases, the overhead of sending an extra block of encrypted data.
However, perhaps that is also the freedom to hang oneself? Schneir stresses in Applied Cryptography that the IV (as initial input) is not secret. So it seems to me that "IV as salt" has a minor advantage, in that the IV (as salt) is always encrypted with the private key. Therefore, even if an implementor chooses to unwisely attach semantics to the IV (i.e. it really should be secret), it is at least not available to an attacker in plaintext. Granted, since the feedback register is zeroed when encrypting the salt, the IV itself is exposed to the same attacks as ECB mode. With "IV as input," you can achieve the same protection as "IV as salt" by encrypting (in ECB mode) the IV. But I wonder how many people are actually doing that? It didn't even occur to me until just now.
Michael Birk 23:27, 28 October 2005 (UTC)
I agree with the WP:RPA guidelines and I keep my talk page clean by simply removing everything that I consider to be a personal attack or libel. — Ruptor 16:38, 17 October 2006 (UTC)
To get my point across, I have done some "censoring" on your comment — and I didn't even change any of your text! Please don't take any offense, it's just a prank. Of course you are welcome to revert me. :) (I hope I don't get chastised for WP:POINT...) -- intgr 22:54, 25 April 2007 (UTC)
I believe that your edits to the Talk:VEST page are inappropriate for Wikipedia; further, your account is in violation of the Wikipedia policy on Conflicts of Interest ( WP:COI ). Please do not continue this dispute in Wikipedia's pages any further. Georgewilliamherbert 02:45, 17 May 2007 (UTC)
Please drop me a message when you have a chance. Maxal ( talk) 12:49, 4 October 2013 (UTC)
Your upload of File:Algorithm diagram for XXTEA cipher.png or contribution to its description is noted, and thanks (even if belatedly) for your contribution. In order to help make better use of the media, an attempt has been made by an automated process to identify and add certain information to the media's description page.
This notification is placed on your talk page because a bot has identified you either as the uploader of the file, or as a contributor to its metadata. It would be appreciated if you could carefully review the information the bot added. To opt out of these notifications, please follow the instructions here. Thanks! Message delivered by Theo's Little Bot ( opt-out) 11:44, 17 December 2013 (UTC)
As an Australian Wikipedian, your opinion is sought on a proposal to advocate for the introduction of Fair Use into Australian copyright law. The discussion is taking place at the Australian Wikipedians' notice board, please read the proposal and comment there. MediaWiki message delivery MediaWiki message delivery ( talk) 11:08, 2 March 2017 (UTC)
This message has been automatically sent to all users in Category:Australian Wikipedians. If you do not wish to receive further messages like this, please either remove your user page from this category, or add yourself to Category:Opted-out of message delivery