Hi Milan, On 13 December 2016 at 15:31, Milan Broz <gmazyland@xxxxxxxxx> wrote: > I think that IV generators should not modify or read encrypted data directly, > it should only generate IV. I was trying to find more information about what you said and how a iv generator should be written. I saw two examples of IV generators too used with AEAD ciphers (crypto/seqiv.c and crypto/echainiv.c) Excerpt from crypto api doc: http://www.chronox.de/crypto-API/crypto/architecture.html#crypto-api-cipher-references-and-priority 2. Now, SEQIV uses the AEAD API function calls to invoke the associated AEAD cipher. In our case, during the instantiation of SEQIV, the cipher handle for GCM is provided to SEQIV. This means that SEQIV invokes AEAD cipher operations with the GCM cipher handle. Here, it says seqiv invokes cipher operations. However the code crypto/seqiv.c does not look similar to how the modes are implemented which is confusing. I was looking for an example of an IV generator used with a regular block cipher and not a AEAD cipher. Could you point me out to some? Thanks, Binoy -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel