IRS Encourages Poor Cryptography
I’m not sure what to make of this, or even what it means. The IRS has a standard called IDES, the International Data Exchange Service: “The International Data Exchange Service (IDES) is an electronic delivery point where Financial Institutions (FI) and Host Country Tax Authorities (HCTA) can transmit and exchange FATCA data with the United States.” It’s like IRS data submission, but for other governments and foreign banks.
Buried in one of the documents are the rules for encryption:
While performing AES encryption, there are several settings and options depending on the tool used to perform encryption. IRS recommended settings should be used to maintain compatibility:
- Cipher Mode: ECB (Electronic Code Book).
- Salt: No salt value
- Initialization Vector: No Initialization Vector (IV). If an IV is present, set to all zeros to avoid affecting the encryption.
- Key Size: 256 bits / 32 bytes. Key size should be verified and moving the key across operating systems can affect the key size.
- Encoding: There can be no special encoding. The file will contain only the raw encrypted bytes.
- Padding: PKCS#7 or PKCS#5.
ECB? Are they serious?
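What the ECB setting above gives away, as an added example that is not part of the original post or the IRS document: with no IV and each block encrypted independently, identical plaintext blocks produce identical ciphertext blocks. To run with only the Python standard library, a Feistel construction over HMAC-SHA256 stands in for AES here (the leak comes from the mode, not the cipher); the record layout and all names are constructed for illustration.

```python
import hashlib, hmac, os

BLOCK = 16  # bytes; same block size as AES

def encrypt_block(key, block):
    """Stand-in block cipher (4-round Feistel over HMAC-SHA256), NOT AES."""
    left, right = block[:8], block[8:]
    for i in range(4):
        f = hmac.new(key, bytes([i]) + right, hashlib.sha256).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def padded_blocks(data):
    """Apply PKCS#7 padding, then split into 16-byte blocks."""
    n = BLOCK - len(data) % BLOCK
    data += bytes([n]) * n
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, plaintext):
    # ECB as in the quoted settings: no IV, every block encrypted on its own.
    return [encrypt_block(key, b) for b in padded_blocks(plaintext)]

def cbc_encrypt(key, plaintext):
    # CBC with a fresh random IV, for contrast; the IV is the first output block.
    out = [os.urandom(BLOCK)]
    for b in padded_blocks(plaintext):
        out.append(encrypt_block(key, bytes(x ^ y for x, y in zip(b, out[-1]))))
    return out

def equal_block_groups(ct_blocks):
    """Return index groups of ciphertext blocks that are byte-identical."""
    seen = {}
    for i, b in enumerate(ct_blocks):
        seen.setdefault(b, []).append(i)
    return [idx for idx in seen.values() if len(idx) > 1]

# Constructed sample: fixed-width records, 16-byte account field + 16-byte status field.
RECORDS = [("ACCT-1001", "REPORTABLE"), ("ACCT-1002", "NOT-REPORTABLE"),
           ("ACCT-1003", "REPORTABLE"), ("ACCT-1004", "REPORTABLE")]
PLAINTEXT = "".join(f"{a:<16}{s:<16}" for a, s in RECORDS).encode()

if __name__ == "__main__":
    key = os.urandom(32)  # 256-bit key, as in the quoted settings
    print("ECB identical blocks:", equal_block_groups(ecb_encrypt(key, PLAINTEXT)))
    print("CBC identical blocks:", equal_block_groups(cbc_encrypt(key, PLAINTEXT)))
```

Under ECB the status blocks of records 1, 3 and 4 encrypt to the same bytes, so anyone holding only the ciphertext can tell those records share a value; with a random IV the same plaintext shows no such pattern.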