An initialization vector (IV) is a initial block of bits that is used by several modes to randomize the encryption and hence to produce distinct ciphertexts even if the same plaintext is encrypted multiple times, without the need for a slower re-keying process. An initialization vector has different security requirements than a key, so usually it does not need to be secret, indeed it's usually prefixed to the ciphertext and transmitted in full public view. However, in most cases, it is important that an initialization vector is never reused under the same key [1] [2].
One could ask "why you do not consider the repeated sequences shown in LFSR/PRBS page as initialization vectors?" Well, it's simple. An Initialization Vector must be a unique, random, and unpredictable number (a binary sequence) used to “initialize” an encryption function, thus an adversary shouldn’t be able to predict it before the message is encrypted [3]. PRBS sequences, just for their nature, are generated by shift registers so they are predictable; more over the same sequences is frequently re-used within the same transmission (just because it's mostly used as synch).
Look at the interesting test bed demo program CryptoSys5A.exe, the program is written in Visual Basic (VB.NET) and demonstrates the results of encrypting data using the various encryption algorithms with different encryption modes and padding schemes [4].
Last update: 5th June, 2023
| length (1) | format | encryption/device (2) | HF waveform | referring post |
| 24 | sent once | KG-40 | Link-11 SLEW | read here |
| 64 | 3 times rptd | TC-535 Additional Key (AK) | 110-220Bd/330 FSK | read here |
| 70 | 2 times rptd | T-600 | CIS Navy FSK broadcast | read here |
| 96 | 3 times rptd | L3Harris Citadel II (?) | 188-110A | read here |
| 128 | sent once | "IDEA" algorithm [5] | 188-110A | read here |
| 2x64 segs each 4 times rptd |
KG-84/KIV-7/BID | S4285, S4481F/P, S4539, 188-110A, 150Bd/250FSK |
read here | |
| 3 times rptd | S4539 | read here | ||
| 5 times rptd | 188-110A (*), S4539 | read here | ||
| S4285 (*) | read here | |||
| 188-110A | read here | |||
| 192 | 4 times rptd | 200Bd/400 MFSK-4 | read here | |
| 216 | 3 times rptd | 188-110A | read here | |
| 240 | 8x30 segs each 3 times rptd |
Makhovik, T-230-1A | CIS-1200 | read here |
| 256 | 8 times rptd | 188-110A | read here | |
| 2x128 segs each 3 times rptd |
L3Harris Citadel II (?) | 188-110A | read here | |
| 1305 | 87 Phi-encoded bits | KW-57/KY-99 (per 188-220D) | LDL BW3 (S4538) | read here |
(*) the waveform exhibits four initial unmodulated tones at 500, 1200, 1700 and 2600 KHz which are non provided in the standard. Maybe the same modem/user (and encryption too)?
(1) the length is expressed in bits
(2) In this blog I often use terms like "KG-84", "KW-46", "BID",..., as well as the names of other cryptographic devices, but this does not necessarily mean that those devices are physically deployed! Rather than to the equipments, those names must be understood as referring to the used "algorithms", since - unless few exceptions - many of those devices are now obsolete and no longer used. Actually, the algorithms are emulated by interoperable and more compact devices such as - for example - the KIV-7M Programmable Multi-Channel Encryptor that can be used for communicating with a KIV-7 family device and the older KG-84/BID family of devices, or the KY-99 that is the more advanced version of the KY-57 unit.
Also note that these products are only used by the US Government, their contractors, and federally sponsored non-US Government activities, in accordance with the International Traffic in Arms Regulations (ITAR), as well as by NATO and by the administrations of some NATO countries.
Very nice article, I enjoyed reading your post, very nice share, I want to twit this to my followers. Thanks!.
ReplyDeleteBuy Linzhi Phoenix ASIC