推送加密CBC模式IV处理不当
zhangyoufu opened this issue · comments
CBC模式下,IV应当由服务器端(使用CSPRNG)随机产生。配置单一、固定的IV会显著削弱安全性。
https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)
For most block cipher modes it is important that an initialization vector is never reused under the same key, i.e. it must be a cryptographic nonce.
duplicate of #188