Re: [PATCH v6] security/keys: rewrite all of big_key crypto
From: Jason A. Donenfeld
Date: Wed Sep 20 2017 - 10:09:56 EST
On Wed, Sep 20, 2017 at 4:06 PM, Stephan Mueller <smueller@xxxxxxxxxx> wrote:
>> Section 3 shows an attack with repeated nonces, which we don't do here.
>
> Maybe I miss a point here, but zero IVs is no repetition of nonces?
If there's a fresh key each time, then no, it's not a repetition.
This patch uses a fresh random key for every encryption.