7

When encryption sensitive information using the .NET AesCryptoServiceProvider library I generate a unique Initialization Vector (IV) for each value that is encrypted. In the database record where I save the encrypted data I have a field named "IV" which stores the Initialization Vector for use in later decryption.

Is there a different way in which the Initialization Vector can be stored alongside the cipher-text? By appending the IV to the Cipher Text perhaps? If so, is there a standard approach?

webworm
  • 10,587
  • 33
  • 120
  • 217

1 Answers1

8

Is there a different way in which the Initialization Vector can be stored alongside the cipher-text? By appending the IV to the Cipher Text perhaps?

Yes, you can do exactly that. Prepending it to the ciphertext works. Since the IV has fixed size depending on block mode, block cipher and protocol, you can slice the IV off during decryption and treat the remaining bytes as the actual ciphertext.

If so, is there a standard approach?

No, there is no standard. A common way is to prepend the IV. If you're applying the Cryptographic Message Standard (CMS), then there is a little bit about how the IV is stored. RFC3370

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
  • 1
    Thanks! Was wondering if it was common to separate the IV and the Cipher text by a hyphen `-` or some other "standard" character. – webworm Mar 24 '16 at 21:32
  • 2
    Never seen it. The IV usually has a predefined length. For CBC mode it is always the same as the block size. For CFB mode it is the same as the segment size and for CTR mode it is usually between 64 and 96 bit. If you allow for variable size CTR IVs (technically nonces), then you can prepend a byte to the IV that denotes the length of the IV. – Artjom B. Mar 24 '16 at 21:36
  • In PHP land, Laravel JSON encodes the IV, ciphertext, and MAC separately (as one array). – Scott Arciszewski Mar 25 '16 at 18:42
  • @Scott I've seen it and I find it ridiculous, because the whole ciphertext must be present **in memory** for this to work. The wastefulness is big with this one. – Artjom B. Mar 25 '16 at 18:48
  • I didn't say it was a good design. :) I just wanted to share that people do stuff like that. – Scott Arciszewski Mar 25 '16 at 18:52