4

After reading a lot of stuff about AES CTR and its IV, I'm still not sure if it is OK to use a predictable IV or not.

I searched the web and found some programs / devices that use encryption in this way.

For example, LoRa. LoRa is a low-speed network for exchanging data (temperature or humidity sensors) over complete cities with thousands of devices.

Example: I've found source code of the LoRa MAC on the web which is doing exactly that.

A sequence counter that uses every value only once over the entire node lifetime.

And a little 1-byte counter for every new 16-byte block.

The IV is initialized by

```c
static uint8_t aBlock[] = { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
```

after this

```c
aBlock[5] = dir;                                  // direction of message
aBlock[6] = ( address ) & 0xFF;                   // hardware address of device
aBlock[7] = ( address >> 8 ) & 0xFF;              // hardware address of device
aBlock[8] = ( address >> 16 ) & 0xFF;             // hardware address of device
aBlock[9] = ( address >> 24 ) & 0xFF;             // hardware address of device
aBlock[10] = ( sequenceCounter ) & 0xFF;          // counter that never repeats
aBlock[11] = ( sequenceCounter >> 8 ) & 0xFF;     // counter that never repeats
aBlock[12] = ( sequenceCounter >> 16 ) & 0xFF;    // counter that never repeats
aBlock[13] = ( sequenceCounter >> 24 ) & 0xFF;    // counter that never repeats
aBlock[15] = ( ( ctr ) & 0xFF );                  // a counter value that is incremented for every 16-byte block
```

Is this secure enough?

Source code: https://github.com/Lora-net/LoRaMac-node/blob/master/src/mac/LoRaMacCrypto.c, line 108: `void LoRaMacPayloadEncrypt()`

http://www.semtech.com/wireless-rf/internet-of-things/

1
  • Don't forget to accept an answer once your question has been answered sufficiently (at this point of time the choice is rather limited but you did get an answer from Yehuda :) ) Commented Jan 20, 2017 at 10:29

1 Answer

5

For CTR mode, a random IV is not needed. The only requirement is that the counter be unique in each block over all encryptions. (This is in contrast to CBC mode, where unpredictability of the IV is essential.)

2
  • It would be perfectly safe to start an IV at 0? (as long as it is unique) Commented Jan 17, 2017 at 15:14
  • 1
    Yes, that is true. So, if you are in a session setting with a new key, then you can always start at 0. Having said this, if this turns out to be a multi-key setting where many different parties are using many keys in different sessions, then there are advantages to using a random IV. Commented Jan 17, 2017 at 16:24
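
An added example (not part of the question, the answer, or LoRaMac itself): it rebuilds the counter block with the layout quoted in the question and counts how many blocks repeat under one key, which is the uniqueness requirement the answer states. The `frame_t` struct, the starting per-block counter value of 1, the demo capacity and the sample device address are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One encrypted frame under a single key; field names follow the question. */
typedef struct { uint8_t dir; uint32_t address; uint32_t seq; size_t len; } frame_t;

#define CTR_START  1u    /* assumption: first per-block counter value */
#define MAX_BLOCKS 1024u /* capacity of this demo, not a protocol limit */

/* Build the 16-byte CTR input block with the layout quoted in the question. */
static void build_block(const frame_t *f, unsigned ctr, uint8_t a[16]) {
    memset(a, 0, 16);
    a[0] = 0x01;
    a[5] = f->dir;
    for (int i = 0; i < 4; i++) {
        a[6 + i]  = (uint8_t)(f->address >> (8 * i));
        a[10 + i] = (uint8_t)(f->seq >> (8 * i));
    }
    a[15] = (uint8_t)(ctr & 0xFF); /* only 8 bits survive: wraps after 256 blocks */
}

/* Count counter blocks that repeat an earlier block across all frames.
 * Every repeat means two 16-byte plaintext blocks share one keystream block.
 * Returns -1 if the frames need more than MAX_BLOCKS blocks. */
static int count_reused_blocks(const frame_t *frames, size_t n) {
    static uint8_t seen[MAX_BLOCKS][16];
    size_t used = 0;
    int reused = 0;
    for (size_t f = 0; f < n; f++) {
        size_t blocks = (frames[f].len + 15) / 16;
        for (size_t b = 0; b < blocks; b++) {
            uint8_t a[16];
            int dup = 0;
            if (used == MAX_BLOCKS) return -1;
            build_block(&frames[f], CTR_START + (unsigned)b, a);
            for (size_t k = 0; k < used && !dup; k++)
                dup = (memcmp(seen[k], a, 16) == 0);
            reused += dup;
            memcpy(seen[used++], a, 16);
        }
    }
    return reused;
}

int main(void) {
    /* Constructed sample: same device, sequence counter reset to 0 under the same key. */
    frame_t reset[] = { {0, 0x26011BDAu, 0, 20}, {0, 0x26011BDAu, 1, 20}, {0, 0x26011BDAu, 0, 20} };
    printf("reused blocks after counter reset: %d\n", count_reused_blocks(reset, 3));
    return 0;
}
```

The predictable fields are harmless on their own; the count only becomes non-zero when the sequence counter restarts without a new key, or when a single payload is long enough for the 1-byte block counter to wrap.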