
Using AES-CBC with a random number plus a counter for the IV

Çağlar Arlı

I understand that AES-CBC uses the following scheme for encrypting data (diagram from Wikipedia):

[Figure: AES-CBC encryption diagram, from Wikipedia]

And, I understand that we don't want the initialization vector to be predictable or constant, and also that you don't want it to just be a plain counter.

But, what if the initialization vector is computed with some number of random bits and then some counter? For example, 12 bytes of random data plus 4 bytes of a counter?

My understanding is that the initialization vector is to make the plaintext input into AES random — which, if you're using 12 bytes of random data plus 4 bytes of a counter, you'll still have the first 12 bytes of the IV providing randomness. An analog to the question might be: what would be the damage for generating random IVs, except that the last 4 bytes are always zeros?

Obviously, you now have less entropy for your IV so are more likely to get a collision, but does the fact that the last 4 bytes are constant affect the encryption in any other way? My understanding is that the output of AES is "random-looking", so it's not like having the last 4 bytes of the IV constant would let you do a chosen plaintext attack on those last 4 bytes — or, am I missing something? Is there any scenario in which using a random number + counter for AES-CBC would be beneficial?

I'm mostly curious about this in the case of general communication messages, but would things change significantly if we were encrypting something predictable, like JSON with a particular format?

Bonus question: A constant IV is bad. A cryptographically random IV is good... Is there a number of constant bytes in an IV at which AES-CBC will start to show weakness, other than the higher chance of an IV collision? (How bad would a constant 8 bytes of zeroes be? How about 12 bytes?). Not looking for a specific answer for this one, but just general insight into the design of AES.

(For clarification, I'm not advocating for using the scheme I described, and it's quite certainly a bad idea to use it — I'm just curious about the implications.)
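The IV layout described in the question (12 random bytes followed by a 4-byte counter), as an added example that is not part of the original post. It uses Go's standard-library AES-CBC and a constructed fixed key so the run is deterministic; `makeIV`, `encryptCBC` and `firstBlockMatches` are names chosen for this illustration. Beyond the layout itself, it demonstrates the CBC property the question turns on: because C1 = E_K(IV ⊕ P1), an identical (key, IV) pair with an identical first plaintext block yields an identical first ciphertext block, and bumping only the counter bytes is enough to change every block, which is what the counter buys within one session even if the random prefix repeats.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// ivPrefixLen is the number of random bytes at the front of the 16-byte IV;
// the remaining 4 bytes hold a big-endian message counter (the question's scheme).
const ivPrefixLen = 12

// makeIV builds an IV as random prefix || 4-byte counter.
func makeIV(prefix []byte, counter uint32) []byte {
	iv := make([]byte, aes.BlockSize)
	copy(iv, prefix[:ivPrefixLen])
	binary.BigEndian.PutUint32(iv[ivPrefixLen:], counter)
	return iv
}

// pkcs7Pad pads the plaintext to a whole number of AES blocks, as CBC requires.
func pkcs7Pad(p []byte) []byte {
	n := aes.BlockSize - len(p)%aes.BlockSize
	return append(append([]byte{}, p...), bytes.Repeat([]byte{byte(n)}, n)...)
}

// encryptCBC returns the CBC ciphertext (IV not prepended) of plaintext under key/iv.
func encryptCBC(key, iv, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	padded := pkcs7Pad(plaintext)
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out, padded)
	return out, nil
}

// firstBlockMatches reports whether two ciphertexts share their first block,
// i.e. whether (IV xor P1) was identical for both messages.
func firstBlockMatches(a, b []byte) bool {
	return bytes.Equal(a[:aes.BlockSize], b[:aes.BlockSize])
}

func main() {
	key := bytes.Repeat([]byte{0x11}, 16) // constructed demo key, not for real use
	prefix := make([]byte, ivPrefixLen)   // the random part, drawn once per session here
	if _, err := rand.Read(prefix); err != nil {
		panic(err)
	}
	// Two constructed JSON messages that agree on their first 16 bytes.
	msgA := []byte(`{"type":"hello","seq":1}`)
	msgB := []byte(`{"type":"hello","seq":2}`)

	c0, _ := encryptCBC(key, makeIV(prefix, 0), msgA)  // counter 0
	c0b, _ := encryptCBC(key, makeIV(prefix, 0), msgB) // counter 0 reused (the mistake)
	c1, _ := encryptCBC(key, makeIV(prefix, 1), msgA)  // counter advanced

	fmt.Println("IV reused, same first 16 plaintext bytes -> same first block:", firstBlockMatches(c0, c0b))
	fmt.Println("counter advanced -> first block differs:", !firstBlockMatches(c0, c1))
}
```

The counter only helps if it is never allowed to wrap within the lifetime of one random prefix; once the prefix is redrawn (or a new key is used) the counter can restart. The residual risk the question identifies is the birthday bound on the 96 random bits: after n messages the chance that two prefixes collide is roughly n²/2^97.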