Browse Definitions :
Definition

initialization vector (IV)

What is an initialization vector?

An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption. This number, also called a nonce, is employed only one time in any session. 

The use of an IV prevents repetition in data encryption, making it more difficult for a hacker using a dictionary attack to find patterns and break a cipher. For example, a sequence might appear twice or more within the body of a message. If there are repeated sequences in encrypted data, an attacker could assume that the corresponding sequences in the message were also identical. The IV prevents the appearance of corresponding duplicate character sequences in the ciphertext

The ideal IV is a random number that is made known to the destination computer to facilitate decryption of the data when it is received. The IV can be agreed on in advance, transmitted independently or included as part of the session setup prior to exchange of the message data. The length of the IV (the number of bits or bytes it contains) depends on the method of encryption. The IV length is usually comparable to the length of the encryption key or block of the cipher in use.

Learn More About IT:
> Spiritus-Temporis.com describes how IVs work and provides links to related topics.
> Example-code.com explains 'AES Encrypt with Initialization Vector.'
> Wikipedia has an entry about initialization vectors.

This was last updated in March 2011

Join the conversation

2 comments

Send me notifications when other members comment.

Please create a username to comment.

I have an incredibly hard time believing that a frumpy-looking woman named Margaret Rouse has any understanding of cryptosystems whatsoever. You hacks will literally print anything, consequences be damned. What if some young future engineer is mislead by this crap?
Cancel
Hi anyone.. anybody know how to generate IV using HSM? currently I used Thales.
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

  • smart contract

    A smart contract, also known as a cryptocontract, is a computer program that directly controls the transfer of digital currencies...

  • risk map (risk heat map)

    A risk map, also known as a risk heat map, is a data visualization tool for communicating specific risks an organization faces. A...

SearchSecurity

  • Payload (computing)

    The term payload, when used in the context of networking or telecommunications, is the data carried inside of a packet (or other ...

  • access control

    Access control is a security technique that regulates who or what can view or use resources in a computing environment.

  • ethical hacker

    An ethical hacker, also referred to as a white hat hacker, is an information security expert who systematically attempts to ...

SearchHealthIT

SearchDisasterRecovery

  • virtual disaster recovery

    Virtual disaster recovery is a type of DR that typically involves replication and allows a user to fail over to virtualized ...

  • tabletop exercise (TTX)

    A tabletop exercise (TTX) is a disaster preparedness activity that takes participants through the process of dealing with a ...

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a data center.

SearchStorage

  • storage at the edge

    Storage at the edge is the collective methods and technologies that capture and retain digital information at the periphery of ...

  • Flash Storage

    Flash storage is any type of drive, repository or system that uses flash memory to keep data for an extended period of time.

  • optical disc

    An optical disc is an electronic data storage medium that can be written to and read from using a low-powered laser beam.

Close