RB with random IV value for encryption
Pol Dellaiera
pol.dellaiera at gmail.com
Mon Dec 23 11:25:56 UTC 2024
Hello,
I am not fully versed in the details of using a random IV for AES CBC encryption, but whenever reproducibility is disrupted by random data, a common approach is to parameterise the "random" value rather than generate it on the fly.
For instance, I have included a trivial C program here, not reproducible at run-time: https://github.com/drupol/master-thesis/blob/main/resources/sourcecode/montecarlo-pi.c and a possible fix at https://github.com/drupol/master-thesis/blob/main/resources/sourcecode/montecarlo-pi-fix.c
In the first link, it currently seeds its random generator with `srand(time(NULL));`, which ties the output to the system clock and thus prevents run-time reproducibility. In the second link, instead of using the current time, we can make the seed an input parameter to the process that is actually running the code. This way, the algorithm no longer depends on an unpredictable system value, and the output becomes deterministic (and hence reproducible) when the same seed is provided.
Hope this helps.
On 23/12/24 12:06, Shivanand.Kunijadar at toshiba-tsip.com wrote:
> Hi RB-Team,
>
> We are facing reproducibility issues with encrypted images. We use a random IV for encryption with AES CBC. The resulting artifact is not reproducible due to the random IV used.
>
> Based on information from the RB website, the Random data will make builds unreproducible and must be avoided[1].
> From a security perspective, it will be risky to use predictable IV values for the encryption.
>
> Is there any other discussions related to the same in the mailing list or any guidelines related to handling random IV values for RB?
>
> [1] https://reproducible-builds.org/docs/randomness/ <https://reproducible-builds.org/docs/randomness/>
>
> Thanks & Regards
>
> Shivanand K
>
--
-Pol Dellaiera-
https://not-a-number.io/
More information about the rb-general
mailing list