Generate random IV
An Initialization Vector (IV) is a random number that provides a high level of security during encryption and decryption. If the same message is encrypted twice, a random IV ensures that two completely different ciphertexts are generated.
Generate random IV using SecureRandom class
Call the getInstance method of the SecureRandom class. Pass the Random Number Generator (RNG) and the CADP for Java Provider as arguments. You can use either a local RNG, generated on your system, or an RNG generated on CipherTrust Manager.
To use the local RNG, pass SHA1PRNG as the algorithm and SUN as the provider.
To use the RNG generated on CipherTrust Manager, pass IngrianRNG and IngrianProvider as arguments.
Create a byte array according to the size for your key. For example, an AES key needs a 16 byte array and a DES or DESede key needs an 8 byte array.
Call the nextBytes method of the SecureRandom object. Pass the byte array as an argument.
Code sample
The following example uses a local RNG to generate a 16 byte random IV:
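import java.security.SecureRandom;
// Local RNG; for the RNG generated on CipherTrust Manager, pass "IngrianRNG" and "IngrianProvider" instead.
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG", "SUN");
byte[] iv = new byte[16];
sr.nextBytes(iv);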
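The effect of a random IV described at the top of this page, as an added example that is not part of the original page or of CADP for Java's own code. It assumes the JDK's default AES provider and a locally generated key instead of a CipherTrust Manager key; the class and helper names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

public class RandomIvDemo {
    // Encrypts with AES/CBC and returns IV || ciphertext so the receiver can decrypt.
    static byte[] encrypt(SecretKey key, byte[] iv, byte[] plaintext) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] ct = cipher.doFinal(plaintext);
        byte[] out = Arrays.copyOf(iv, iv.length + ct.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    // Reads the IV back from the first 16 bytes, then decrypts the remainder.
    static byte[] decrypt(SecretKey key, byte[] ivAndCt) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ivAndCt, 0, 16));
        return cipher.doFinal(ivAndCt, 16, ivAndCt.length - 16);
    }

    // One fresh 16-byte IV per encryption, generated as in the steps on this page.
    static byte[] freshIv(SecureRandom sr) {
        byte[] iv = new byte[16];
        sr.nextBytes(iv);
        return iv;
    }

    public static void main(String[] args) throws Exception {
        SecureRandom sr = SecureRandom.getInstance("SHA1PRNG", "SUN"); // local RNG
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey(); // constructed local key (assumption)
        byte[] msg = "same message".getBytes(StandardCharsets.UTF_8); // constructed input

        byte[] fixedIv = new byte[16]; // all zeros, reused: the weak case
        boolean fixedSame = Arrays.equals(encrypt(key, fixedIv, msg), encrypt(key, fixedIv, msg));
        byte[] c1 = encrypt(key, freshIv(sr), msg);
        byte[] c2 = encrypt(key, freshIv(sr), msg);
        System.out.println("fixed IV, ciphertexts identical:  " + fixedSame);
        System.out.println("random IV, ciphertexts identical: " + Arrays.equals(c1, c2));
        System.out.println("round trip ok: " + Arrays.equals(msg, decrypt(key, c1)));
    }
}
```

With the reused IV the two outputs match byte for byte, which tells an observer that the same message was sent twice; with a fresh IV per call they differ. The IV is not secret, so it is stored in front of the ciphertext for the decrypting side.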
Generate random IV in NAESession
If the NAE Server requires password authentication, you must bypass the CADP for Java framework when generating a random IV. The CADP for Java framework does not recommend passing in the NAESession object that contains the authentication information.
Create an NAESession object. Pass the NAE username and password as arguments.
Create an NAESecureRandom object. Pass the NAESession object as an argument.
Code sample
The following code sample generates a 16 byte random IV in an authenticated session.
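import com.ingrian.security.nae.NAESecureRandom;
import com.ingrian.security.nae.NAESession;
// Open an authenticated session, then draw the IV from an RNG bound to that session.
NAESession session = NAESession.getSession("user1", "password1".toCharArray());
NAESecureRandom sr = new NAESecureRandom(session);
byte[] iv = new byte[16];
sr.nextBytes(iv);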