You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An initialization vector has different security requirements than a key, so the IV usually does not need to be secret. However, in most cases, it is important that an initialization vector is never reused under the same key. For CBC and CFB, reusing an IV leaks some information about the first block of plaintext, and about any common prefix shared by the two messages.
Sounds like you can simply prefix your encrypted data with a unique nonce (like Date.now() + random_value). The random_value is a value in RAM used to keep the none unique in a cluster of nodes. Sha256 hash the nonce to get the IV value.
The text was updated successfully, but these errors were encountered:
Looks like your using a CBC (
aes-128-cbc
), so this should apply to you:https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_.28IV.29
Sounds like you can simply prefix your encrypted data with a unique nonce (like
Date.now()
+ random_value). The random_value is a value in RAM used to keep the none unique in a cluster of nodes. Sha256 hash the nonce to get the IV value.The text was updated successfully, but these errors were encountered: