"Michael" == Michael Young <mwy-opgp97(_at_)the-youngs(_dot_)org> writes:
Michael> Yes, I meant Twofish, not Blowfish. The draft I found at
Michael> imc.org still says in section 5.5.3:
- [Optional] If secret data is encrypted, eight-octet Initial
Vector (IV).
Michael> This should now read "an IV of the same length as the cipher
Michael> block"?
Clearly yes. The IV always must be the same size as the blocksize for
any block cipher.
Michael> As Werner Koch pointed out last year, this will require an
Michael> implementation to know the block size simply in order to
Michael> parse the rest of the packet. Given that the only material
Michael> after the IV is the encrypted part, and thus won't be
Michael> readable anyway without support for that cipher, I suppose
Michael> this isn't all that serious. But is there any intention to
Michael> make the IV size self-describing for future ciphers, or is
Michael> this the final plan?
Can't see any reason to change that. You only need to know the IV if
you're going to decrypt. And to do that clearly you must know the
cipher, which includes knowing its blocksize.
If you're not going to decrypt, you might as well consider the IV as
part of the encrypted message, since it doesn't contain any
interesting information.
paul