how to output the initialization vector here in this code?

Question

how to output the initialization vector in CBC mode here in javascript? 256 bit key is used here.

    var blockSizeInBits = 128;
    var keySizeInBits = 256;

    function rijndaelEncrypt(plaintext, key, mode) {
        var expandedKey, i, aBlock;
        var bpb = blockSizeInBits / 8;          // bytes per block
        var ct;                                 // ciphertext

        if (!plaintext || !key)
          return;
        if (key.length*8 != keySizeInBits)
          return; 
        if (mode == "CBC") {
          ct = getRandomBytes(bpb);             // get IV
       //dump("IV", byteArrayToHex(ct));

        } else {
          mode = "ECB";


        ct = new Array();

      }

 function encrypt(block, expandedKey) {
  var i;  
  if (!block || block.length*8 != blockSizeInBits)
     return; 
  if (!expandedKey)
     return;

  block = packBytes(block);
  addRoundKey(block, expandedKey);
  for (i=1; i<Nr; i++) 
    Round(block, expandedKey.slice(Nb*i, Nb*(i+1)));
  FinalRound(block, expandedKey.slice(Nb*Nr)); 
  return unpackBytes(block);
}
function Encrypt_Text(plaintext, keystr) {
    if (keystr.length == 0) {
        alert("Please specify a key.");
        return "";
    }
    if (plaintext.length == 0) {
        alert("Nothing to encrypt!");
        return "";
    }
    setKey(keystr);
    addEntropyTime();
    prng = new AESprng(keyFromEntropy());
    var v = "";

    for(var i=0; i<plaintext.length % 16; i++) //pad with null to blocks of 16bytes
        plaintext += '\0';

    var ct = rijndaelEncrypt(plaintext, key, "CBC");
    var hex_str = byteArrayToHex(ct);
    var out_str = "";
    hex_str = hex_str.split('');
    for(var i=0; i<hex_str.length; i++) {
        if(i % 64 == 0 && i > 0) out_str += '\n';
        out_str += hex_str[i];
    }

    delete prng;
    return out_str;
}

is here the initialization vector represents the 128-bit block of cipher text or random bits of plaintext?

If you're using only symmetric encryption you need the exact same key at the server and the client. If you send the encryption key from the server to the client or the other way around you need to encrypt your symmetric encryption key. The easiest way to do this would be to use TLS. If you use TLS, then the data as well as key are encrypted, so you don't need to encrypt it yourself. This doesn't provide any security, just a little bit of obfuscation. You should read: https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2011/august/javascript-cryptography-considered-harmful/ — Artjom B., May 31 '17 at 18:49
The code you've shown doesn't use an IV. It could be that `rijndaelEncrypt` uses it internally, but that would be guessing and we don't do that here on Stack Overflow. — Artjom B., May 31 '17 at 18:51
The initialization vector doesn't represent cipher text or plain text. It's a standalone bit of random bytes as your code indicates (ct = getRandomBytes(..)). To learn more about the initialization vector, read through this post: [AES Encryption - Key vs IV](https://stackoverflow.com/questions/9049789/aes-encryption-key-versus-iv/) — Tails, Jun 02 '17 at 22:31

zaph · Answer 1 · 2017-05-31T13:39:10.290

0

One general IV solution is to prefix the encrypted data with the IV, it does not need to be secret. On decryption the IV can be split from the encrypted data and used for the decryption IV.

Notes:

It is best not to use null padding, instead use PKCS#7 padding. This is generally an option for most implementations and in many cases the default.
It is best not to directly use a text password, instead derive a password from the text using a method such as PBKDF2. The output of PBKDF2 can be specified to product enough bytes to split for both the key and IV.
ECB mode, it is not secure, see ECB mode, scroll down to the Penguin.

edited May 31 '17 at 13:39

answered May 31 '17 at 13:26

zaph

111,848
21
189
228

The IV is generally random bytes of block size. It insures that the same message encrypted with the same key will result in different encrypted data. But perhaps I don't understand the comment question. – zaph May 31 '17 at 14:18
means random bytes of input text? – aishz May 31 '17 at 14:19
No, just random bytes. – zaph May 31 '17 at 14:22
https://etherhack.co.uk/symmetric/aes/aes.html this is the complete code...here IV is not manually entered. – aishz May 31 '17 at 14:23
There is an issue with the statement in the referenced code: "AES is the industry recognised version of the Rijndael encryption algorithm, using a 256-bit key in CBC mode." This is not correct, AES is a version of Rijndael with a 128-bit block size and a key length of 128, 192 or 256 bits. – zaph May 31 '17 at 14:28
https://etherhack.co.uk/symmetric/aes/js/aes.js & https://etherhack.co.uk/symmetric/aes/js/jscrypt.js – aishz May 31 '17 at 14:38

how to output the initialization vector here in this code?

1 Answers1