How To know the AES Encryption Key is correct at the receiver side?

Question

Firstly I'm new to cryptography. Suppose I encrypt a plain test using AES 128 bit Encryption and passed to the receiver. The key is also passed to the receiver. At the receiver side how can I check the KEY is correct or not without fully decrypting the message. What I mean is can we check like this

IF(KEY==something)

       DECRYPT

ELSE

      NOT a correct key. 

Is there anything to do with IV? I really Don't understand what the IV is.

Answer 1

Firstly, passing the ciphertext and key through an insecure channel is, as you can probably determine, insecure. Keeping the ciphertext and key together in the same place is the same as keeping the plaintext, so don't do that.

Rather than determine if a given key is correct for the ciphertext, cryptographic systems instead determine if the ciphertext is legitimate before they even decrypt. The most common way to do this is using a MAC, or Message Authentication Code. HMACs are a common way to do this, as are Authenticated block modes like GCM.

Lastly, an IV is used to ensure that duplicated blocks of plaintext don't result in repeated blocks of ciphertext. E.g. in ECB mode, which doesn't use an IV, each identical block of plaintext will encrypt to the same ciphertext under a given key. Applying an IV (in modes like CBC), will ensure that identical plaintext blocks look different due to a chained XOR operation that starts with the IV.

To solve your problem, either use GCM mode or use a KDF to derive a symmetric key and a key for an HMAC.