|
|
|
|
|
|
by cabacon
4779 days ago
|
|
|
You're sending the IV as part of the data, and the IV is not encrypted. The message being sent is time.time(), which is hugely predictable. The padding is easy to attack, and the inclusion of the IV means you'll get the first data block too. |
|
|