pawanpandey101
commented
2 years ago @Paytm-Payments-Admin this seems important, a constant IV might make it easier for an attacker to guess the data, any ETA on this?
Open TheStarkster opened 3 years ago
pawanpandey101
commented
2 years ago @Paytm-Payments-Admin this seems important, a constant IV might make it easier for an attacker to guess the data, any ETA on this?
Its more of a suggestion than an issue that please use a new IV for every encryptions. this is even recommended by CTR security. Because reusing an IV leaks some information about the first block of plaintext