iv_deriver library

OTP Crypto – IV derivation (time-windowed, OTP-like)

Derives a 16-byte AES-CBC IV that is not transmitted over the wire. Both sides compute the same IV deterministically from: iv = HMAC_SHA256(macKey, "iv" || u64be(window) || nonce):16

INPUTS:

macKey : 32-byte HMAC-SHA256 key derived via HKDF
window : floor(epochSeconds / windowSeconds)
nonce : exactly 8 random bytes (wire header n)

SECURITY NOTES:

Do not reuse the same (window, nonce) pair within the acceptance window, otherwise IVs repeat. Use a fresh nonce per message.
The IV depends on macKey; protect that key rigorously.
IV is deterministic per (window, nonce, macKey); never send it.

HINTS:

Use NonceGenerator.defaultGenerator() to obtain nonces.
Reuse Bytes.ivLabel and Bytes.u64beInt to avoid extra allocations.

otp_crypto/iv_deriver library

OTP Crypto – IV derivation (time-windowed, OTP-like)

Classes

otp_crypto package

iv_deriver library