发表新帖
发表新帖

Encryption: Use of initialization vector vs key?

前端 未结
关注
4 781
半阙折子戏
半阙折子戏 2021-02-05 08:24

I am using PHP\'s mcrypt library and the AES-256 (rijndael) algorithm, which requires both a key + initialization vector to run.

My logical br

4条回答
  • 攒了一身酷
    攒了一身酷 (楼主)
    2021-02-05 09:11

    Initialization Vector (IV) is not a key at all, and is not secret. In fact, it is often exposed (e.g. prepended to the encrypted data). It is used as an additional random input to the encryption algorithm so that the result of encrypting the same clear data is different each time you use a different IV. This way, statistics cannot be gathered on the encrypted data. It does not "improve" the encryption strength by itself.

    You can look here for nice diagrams showing how and why IV is used.

    0 讨论(0)
 看不清?
提交回复
热议问题