6

For Encryption in Java... the article at http://cwe.mitre.org/data/definitions/329.html states that the Initialization Vector should be different each time, but if I use a different IV to decrypt than the one I used to encrypt, I get garbage characters instead of the data I expected.

What is the proper way to encrypt on one server and decrypt on another without having to communicate the IV back and forth in between servers?

The common technique seems to be to hardcode a byte array, but supposedly that's insecure???

Michael Akerman
  • 1
    You misunderstood the article. The IV should be different for each encrypted message, but you must use the same IV to decrypt a given message that was used to encrypt it. See Jon Skeet's answer below. – President James K. Polk Sep 01 '11 at 21:02

1 Answer

11

I believe an IV is like a salt - it's not a secret, it's just used to introduce an extra element of randomness so that the same message encrypted with the same key still comes out differently each time.

So you can transmit the IV used to encrypt as part of the encrypted value, just like you'd store the salt along with a hash for a hashed value.

Of course, I could be completely incorrect...

Jon Skeet
  • 4
    This is correct, the IV is XOR'd with the first block of plain text, then encrypted with the key. The remaining blocks are XOR'd with the previous block. This is called Cipher Block Chaining (CBC). You must decrypt with the same IV you used to encrypt. It is not a secret, and can be sent/stored plain. You should randomly generate a new IV each time you encrypt data. Its purpose is to add randomness to the encrypted data, so the same data, encrypted with the same key, will produce a different cipher text. – Petey B Sep 01 '11 at 20:38
  • Suppose the server encrypts the plaintext; does the server have to send the encrypted text along with the IV to the client? And can the IV be sent as it is, as plain text? – OnePunchMan Jan 28 '15 at 07:46
  • 1
    @kaze: It's not clear what scenario you're talking about - but yes, you can send the IV as plain text. – Jon Skeet Jan 28 '15 at 08:17
  • 1
    Since the IV is used during encryption (at the server side) and the same IV is again used for decryption of that message (at the client side), the server needs to send both the encrypted message and the IV used to encrypt that message to the client. If my understanding is correct, is there any harm in security by sending the IV as plain text to the client (as we know how CBC is done)? – OnePunchMan Jan 28 '15 at 09:28
  • @kaze: Again, no, that's fine. – Jon Skeet Jan 28 '15 at 09:41