问题
I understand the IV should be random and XORed with the plain text to start the encryption. My question is, in addition to the key, do I have to remember the random IV as well for decryption?
回答1:
The IV needs to be random, but does not need to be secret. Usual practice is to prepend the IV to the cyphertext before transmitting it. When decrypting, use the first 16 bytes of the cyphertext as the IV to decrypt the remainder. That way you do not have to store it separately, as it is included in the cyphertext.
来源:https://stackoverflow.com/questions/38928155/initialization-vector-iv-in-cbc-mode-for-aes