tags:

views:

22

answers:

2
Q: 

Audio, AES CBC and IVs

Hello,

I'm currently working on a voip project and have a question about the implementation of AES-CBC mode. I know that for instant messaging based on text message communication, it's important to generate an IV for every message to avoid possible guess of the first block if this one is redundant during the communication. But is it useful to do the same with audio data ? Since audio data is much more complex than clear text, i'm wondering if it would be wise to generate an IV for each audio chunk ( that would mean a lot of IVs per second, more than 40 ), or will this just slow everything down for nothing? Or just one IV generated at the start of the conversation should be enough?

Thanks in advance,

Nolhian

+1  A: 

You do not need to generate new IVs each time. For example, in SSH and TLS only one IV is used for a whole data session, and rekeying is needed only after some gbytes of data.

Nickolay O.  2010-08-23 15:40:59
Thanks a lot! Your example also learn me something ;)
Nolhian  2010-08-23 23:21:01
A: 

CBC requires a new IV for each message. However nobody said that you had to send a message in one go.

Consider SSL/TLS. The connection begins with a complex procedure (the "handshake") which results in a shared "master key" from which are derived symmetric encryption keys, MAC keys, and IVs. From that point and until the connection end (or new handshake), the complete data sent by the client to the server is, as far as CBC is concerned, one unique big message which uses, quite logically, a unique IV.

In more details, with CBC each block (of 16 bytes with AES) is first XORed with the previous encrypted block, then is itself encrypted. The IV is needed only for the very first block, since there is no previous block at that point. One way of seeing it is that each encrypted block is the IV for the encryption of what follows. When, as part of the SSL/TLS dialog, the client sends some data (a "record" in SSL speak), it remembers the last encrypted block of that record, to be used as IV for the next record.

In your case, I suppose that you have an audio stream to encrypt. You could handle it as SSL/TLS does, simply chopping the CBC stream between blocks. It has, however, a slight complication: usually, in VoIP protocols, some packets may be lost. If you receive a chunk of CBC-encrypted data and do not have the previous chunk, then you do not know the IV for that chunk (i.e. the last encrypted block of the previous chunk). You are then unable to properly decrypt the first block (16 bytes) of the chunk you receive. Whether recovery from that situation is easy or not depends on what data you are encrypting (in particular, with audio, what kind of compression algorithm you use). If that potential loss is a problem, then a workaround is to include the IV in each chunk: in CBC-speak, the last encrypted block of a chunk (in a packet) is repeated as first encrypted block in the next chunk (in the next packet).

Or, to state it briefly: you need an IV per chunk, but CBC generates these IV "naturally" because all the IV (except the very first) are blocks that you just encrypted.

Thomas Pornin  2010-08-27 15:59:13

related questions

How to emulate/replace/re-enable classical Sound Mixer controls (or commands) in Windows Vista? [answered]
Music - How do you analyse the fundamental frequency of a PCM or WAC sample
Convert WAV to WMA using .NET
How does one record audio from a Javascript based webapp?
What is the best way to merge mp3 files?
Slowing down the playback of an audio file without changing its pitch?
Creating MP4/M4A files with Chapter marks
Algorithm to decide if digital audio data is clipping?
Service to make an audio podcast from a video one?
Good python library for generating audio files?
How to do a sample rate conversion in Windows (and OSX)
Waveform Visualization in Ruby
Simple audio input API on a Mac?
Change Active Sound Card on the Fly
What Are High-Pass and Low-Pass Filters?
3.1 or 5.1 audio in Flash
Can an audio object be embedded in an InfoPath form ?
Must-see tech talks/presentations?
Free Wavetable Synthesizer?
How do I search content, within audio files/streams?
What is a good free library for editing MP3s/FLACs?
Detecting audio silence in WAV files using C#
Accessing audio/video metadata with .NET
Transcoding audio and video
Rockbox audio format