Does IV work like salt

AES itself does not directly use a salt (or indeed, an IV).

A situation when you might use a salt in combination with AES is when you are using Password Based Encryption (PBE). In this scheme, a human-memorizable password is used, in combination with a salt, to generate an AES key. A salt is used so that the same password does not always generate the same key; however, because the recipient must be able to generate the correct key, the salt must be transmitted along with the encrypted data.

An IV is required if you are using AES in certain block cipher modes, like CBC. In this case, it used to ensure that the same plaintext data under the same key does not always encrypt to the same ciphertext. Again, the IV is required by the recipient to correctly decrypt the data, so it must be transmitted along with the encrypted data.

So, if you are using PBE with AES in CBC mode as the underlying cipher, you would expect to have to send both a PBE salt and a CBC IV along with the encrypted data.

Leave a Comment

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)