Storing the Initialization Vector - Separate field?

When encrypting sensitive information using the .NET AesCryptoServiceProvider library I generate a unique Initialization Vector (IV) for each value that is encrypted. In the database record where I save the encrypted data I have a field named "IV" which stores the Initialization Vector for use in later decryption.

Is there a different way in which the Initialization Vector can be stored alongside the cipher-text? By appending the IV to the Cipher Text perhaps? If so, is there a standard approach?

Obscuration answered 24/3, 2016 at 21:16 Comment(0)

Is there a different way in which the Initialization Vector can be stored alongside the cipher-text? By appending the IV to the Cipher Text perhaps?

Yes, you can do exactly that. Prepending it to the ciphertext works. Since the IV has fixed size depending on block mode, block cipher and protocol, you can slice the IV off during decryption and treat the remaining bytes as the actual ciphertext.

If so, is there a standard approach?

No, there is no standard. A common way is to prepend the IV. If you're applying the Cryptographic Message Standard (CMS), then there is a little bit about how the IV is stored. RFC3370

Ergosterol answered 24/3, 2016 at 21:29 Comment(5)
Thanks! Was wondering if it was common to separate the IV and the Cipher text by a hyphen - or some other "standard" character. – Obscuration
Never seen it. The IV usually has a predefined length. For CBC mode it is always the same as the block size. For CFB mode it is the same as the segment size and for CTR mode it is usually between 64 and 96 bits. If you allow for variable size CTR IVs (technically nonces), then you can prepend a byte to the IV that denotes the length of the IV. – Ergosterol
In PHP land, Laravel JSON encodes the IV, ciphertext, and MAC separately (as one array). – Builtin
@Scott I've seen it and I find it ridiculous, because the whole ciphertext must be present in memory for this to work. The wastefulness is big with this one. – Ergosterol
I didn't say it was a good design. :) I just wanted to share that people do stuff like that. – Builtin
