Reputation: 113
Using IV with Key Derivation in AES 256 BIT
I'm developing a php system where all data is encrypted by a key derived from the user's password. I've already been able to derive the key, but to encrypting data with AES requires the key and IV. That is where my doubt was born: In this case, I suppose I should store IV to decrypt the data later. Where do I store? In the database or in a file on the server? Or is it not correct to store the IV and is there another way to get the same IV for the same key?
Upvotes: 0
Views: 197
Answers (1)
Reputation: 9805
Don't derive an IV from the same source that you derive the key from. You should use a randomly generated IV for each encryption operation and simply store the IV with the ciphertext.
It is common to simply prepend the IV to the ciphertext so that it can be retrieved easily when the data needs to be decrypted. The IV does not need to be secret, so the above method is completely secure.
To reiterate, because it is important, do not derive the IV from a KDF or similar, always randomly generate a new IV for each encryption operation.
Upvotes: 2
Related Questions
- How to securely generate an IV for AES CBC Encryption?
- AES encryption without IV in PHP and JS gives different result
- PHP AES key and iv format
- AES-256 in PHP and securely storing keys?
- Derive key and IV from string for AES encryption in CryptoJS and PHP
- Decrypting with different IV
- Extract IV from the encrypted string
- Encrypting IV with string and decrypting it?
- AES 128 CBC: How to calculate correct IV?
- Is it possible to use AES with an IV in ECB mode?