I am attempting to develop a file encryption function using user entered passphrase. I am studying the example functions at the WiKi here , but don't understand how 'key' and 'iv' exactly work. By experimenting I found out that I only need the same key value to decrypt the file, but NOT the same iv! Indeed I used a random iv string while decrypting, and it decrypts just fine. I plan to generate the key from the sender's passphrase to share it with the file recipient, but I am not sure what to do with iv value? Does it need to be shared with the recipient and used to decrypt, or I can use a randomly generated value, or should I hardcode the value in the program for encryption and decryption? What is 'iv' is used for in this context?
Asked
Active
Viewed 1,273 times
0
-
2See [Why use an Initialization Vector (IV)](http://crypto.stackexchange.com/q/732/10496) on Crypto.SE. You should state a mode of operation, but I'm guessing you are using CBC. You are most likely using an IV, but its the random garbage on the stack. Try decrypting your cipher text on another machine. It should fail. Or, some library or service is providing a null vector for an IV. In the future, you should probably ask programming and development questions here. Something like, *"how do I set the IV using the OpenSSL API"*. – jww Jan 27 '17 at 17:21
-
Thank you! I updated the title. Yes, I am using CBC. – seedhom Jan 27 '17 at 18:05