Problem
When Bob and Alice exchange messages using symmetric encryption, a random ivspec is generated by either party and sent along with the encrypted message so that it can be decrypted by the other party.
ivspec should never be duplicated for a given key pair. Currently a random sequence of 16 bytes is generated, but a sequence number incrementing with each message would be preferable to further reduce the risk of reuse of ivspec.
Solution
Instead of using a single symmetric key, Bob and Alice use two.
One is used when Alice communicates to Bob, the other is used when Bob communicates to Alice.
Both Bob and Alice can independently manage an ivspec sequence without risk of overlap.
Alternatives
There are no clear alternatives for ensuring Alice and Bob never reuse the same ivspec for a given key without falling back to random numbers, which do not really improve on the current implementation.
Additional Context
If key rotation is implemented and reasonably frequent, the risk of duplicate random ivspec is further reduced.
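A sketch of the per-direction counters proposed above, added here as an illustration and not taken from the project's code. It assumes the two keys are derived from one shared secret with HMAC labels and that messages arrive in order; all function and class names are hypothetical.

```python
import hashlib
import hmac

IV_LEN = 16  # the ivspec on this page is 16 bytes

def derive_direction_keys(shared_secret: bytes):
    """Assumption: both directional keys come from one secret via HMAC labels."""
    k_ab = hmac.new(shared_secret, b"alice->bob", hashlib.sha256).digest()
    k_ba = hmac.new(shared_secret, b"bob->alice", hashlib.sha256).digest()
    return k_ab, k_ba

class IvSequence:
    """Sender side: hands out each counter value exactly once for one key."""
    def __init__(self):
        self._next = 0
    def next_iv(self) -> bytes:
        if self._next >= 1 << (8 * IV_LEN):
            raise OverflowError("IV space exhausted; rotate the key")
        iv = self._next.to_bytes(IV_LEN, "big")
        self._next += 1
        return iv

class IvChecker:
    """Receiver side: accept an IV only if it is above every IV seen so far.
    Assumes in-order delivery; a reused or replayed IV is rejected."""
    def __init__(self):
        self._highest = -1
    def accept(self, iv: bytes) -> bool:
        value = int.from_bytes(iv, "big")
        if len(iv) != IV_LEN or value <= self._highest:
            return False
        self._highest = value
        return True

def used_pairs(key: bytes, count: int):
    seq = IvSequence()
    return {(key, seq.next_iv()) for _ in range(count)}

def reused_pairs(key_alice_sends: bytes, key_bob_sends: bytes, count: int = 3):
    """(key, IV) pairs both senders would use when each counts from 0."""
    return used_pairs(key_alice_sends, count) & used_pairs(key_bob_sends, count)

if __name__ == "__main__":
    shared = bytes(range(32))  # constructed sample secret
    k_ab, k_ba = derive_direction_keys(shared)
    print("one shared key, reused pairs:", len(reused_pairs(shared, shared)))
    print("two directional keys, reused pairs:", len(reused_pairs(k_ab, k_ba)))
```

With one shared key, two independent counters collide on every message; with a key per direction, each sender owns the whole counter space for its key.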