Transfer of cryptographic initialization vectors

Question

Transfer of cryptographic initialization vectors

I want to know the best way to transfer the cryptography (IV) initialization vector from the place where my data is encrypted to the place where my data is decrypted.

In other words, an IV must be randomly generated every time you encrypt a message (right?), So there must be some way to search for IV when decrypting.

I heard that people just concatenate IV (in plain text) to encrypted data. Is there a security risk with this?

+3

security cryptography encryption

ejm Jun 22 '09 at 6:30

source share

1 answer

Avid · Accepted Answer · 2009-06-22T07:25:57+0000

IV does not need to be kept secret, since the only secret data is the key (by definition).
As long as IV is random, go ahead and pass it in any way - concatenating it with encrypted data is just fine.

(Of course, make sure you protect IV data integrity, otherwise it won't work ...)

Transfer of cryptographic initialization vectors

More articles: