Reputation: 5790
Recently I have been developing an app that needs AES encryption. I am using an AES encryption library that has a call like this:
I understand what the data and key are for but the iv or initialization vector is confusing me. Would somebody mind explaining to me the importance of this / what it is and what a proper initialization vector for AES would look like?
Also I would appreciate it if someone could point me in the right direction for learning basic programmatic cryptography, any good books or tutorials out there for learning encryption using C libraries or Cocoa frameworks.
Upvotes: 2
Views: 361
Reputation: 15266
The iv "should" be a random string of data; you could pull data from /dev/random for simplicity. It basically is the random salt that shakes up the encryption. http://en.wikipedia.org/wiki/Initialization_vector has more information on specifically what an IV is. Keep track of your iv with your key because it is used in decryption as well.
NSString *key = @"password";
NSString *iv = @"randomstringofcharactersfromdevrandom";
NSData *cipherstream = [ EncryptionLibrary encryptData: data key: key iv: iv ];
NSData *cleartext = [ EncryptionLibrary decryptData: cipherstream key: key iv: iv ];
Your initialization vector should be random per application instantiation but your key is typically persistent or obtained from an SSL Certificate.
I recommend taking a look at the Security Transforms Programming Guide, which uses SSL certificates for encryption and decryption. The initialization vectors are in the background because typically they are low level and should be viewed from an abstracted high level of managing keys, not IVs.
Upvotes: 2
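As an added example (not code from the question, the answer, or the library they discuss), here is one common way to handle the IV in C: draw a fresh 16-byte IV (the AES block size) from the OS random source for every encryption, and store it in front of the ciphertext so the decrypting side can recover it. The function names are hypothetical, CBC mode with padding is assumed, and the ciphertext bytes are a constructed placeholder standing in for the library's output.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define AES_BLOCK 16  /* AES block size in bytes; a CBC IV has this length */

/* Fill iv with 16 bytes from the OS random source. Returns 0 on success. */
int fresh_iv(uint8_t iv[AES_BLOCK]) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(iv, 1, AES_BLOCK, f);
    fclose(f);
    return n == AES_BLOCK ? 0 : -1;  /* a short read must not yield a partial IV */
}

/* Build IV || ciphertext. Returns bytes written, or 0 if out is too small. */
size_t pack_message(const uint8_t iv[AES_BLOCK], const uint8_t *ct, size_t ct_len,
                    uint8_t *out, size_t out_cap) {
    if (ct_len > SIZE_MAX - AES_BLOCK || out_cap < AES_BLOCK + ct_len) return 0;
    memcpy(out, iv, AES_BLOCK);          /* the IV is not secret, only unique */
    memcpy(out + AES_BLOCK, ct, ct_len);
    return AES_BLOCK + ct_len;
}

/* Split a stored blob into IV and ciphertext. Returns 0 on success, -1 if the
   blob is truncated or the ciphertext is not a whole number of blocks. */
int unpack_message(const uint8_t *blob, size_t blob_len,
                   const uint8_t **iv, const uint8_t **ct, size_t *ct_len) {
    if (blob_len < 2 * AES_BLOCK) return -1;            /* IV + at least one block */
    if ((blob_len - AES_BLOCK) % AES_BLOCK != 0) return -1;
    *iv = blob;
    *ct = blob + AES_BLOCK;
    *ct_len = blob_len - AES_BLOCK;
    return 0;
}

int main(void) {
    uint8_t iv[AES_BLOCK], blob[48];
    uint8_t ct[32] = {0};  /* constructed placeholder for real CBC output */
    const uint8_t *iv2, *ct2;
    size_t n;
    if (fresh_iv(iv) != 0) return 1;
    size_t len = pack_message(iv, ct, sizeof ct, blob, sizeof blob);
    if (len == 0 || unpack_message(blob, len, &iv2, &ct2, &n) != 0) return 1;
    printf("stored %zu bytes: 16-byte IV + %zu bytes of ciphertext\n", len, n);
    return 0;
}
```

On the decrypting side, the recovered IV and ciphertext go to the library's decrypt call together with the key, which is kept separately.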