I am using AES/CBC to encrypt my http cookie. I never encrypt the same cookie value twice so my understanding is I don't need to use a random initial vector - using a fixed initial vector is fine for this case. A random initial vector is needed if we may encrypt the same message more than one. Is my understanding correct for my case?
Asked
Active
Viewed 93 times