What's the best way to append a Iv to a encrypted message?
Can I append it by doing a base 64 encoding out of obtained Iv and use a delimiter to append it with a bqse64 encrypted message? Or suggest some good and secure ideas.
Asked
Active
Viewed 41 times
-1
-
You should read up on the basics yourself (base64 is **not** encryption). Ask your question when you have a specific problem – puelo Jan 20 '18 at 19:26
-
Puelo ... I know that base64 is not an encryption. I do know the complete functionality of AES. The problem is that once I get the encrypted message , to decrypt the same I need the Iv that was used as part of encryption. So , how do I store this Iv securely is my question . – sundar Jan 20 '18 at 19:32
1 Answers
0
You can find some excellent answers here: AES encryption how to transport IV
Quote:
There is no security hole by sending the IV in cleartext - this is similar to storing the salt for a hash in plaintext: As long as the attacker has no control over the IV/salt, and as long as it is random, there is no problem.
So it is up to you how to want to transport/store the IV, as long as it is random and not controlled by an attacker. There is no established optimal way.
puelo
- 5,464
- 2
- 34
- 62