Menu
I want to know the best way of transferring a cryptographic initialization vector (IV) from the place where my data is encrypted to the place where my data is decrypted.
In other words, the IV should be randomly generated every time you encrypt a message (right?), so there needs to be some way of finding the IV when you decrypt.
I have heard of people simply concatenating the IV (in plain text) to the encrypted data. Is there any security risk with this?
332
The IV does not need to be kept secret, as the only secret data is the key (by definition).
As long as the IV is random, go right ahead and transmit it any way you like - concatenating it with the encrypted data is just fine.
(Of course, make sure you ARE protecting the integrity of the IV data, otherwise it won't work....)
172
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
