When encryption sensitive information using the .NET AesCryptoServiceProvider
library I generate a unique Initialization Vector (IV) for each value that is encrypted. In the database record where I save the encrypted data I have a field named "IV" which stores the Initialization Vector for use in later decryption.
Is there a different way in which the Initialization Vector can be stored alongside the cipher-text? By appending the IV to the Cipher Text perhaps? If so, is there a standard approach?
Is there a different way in which the Initialization Vector can be stored alongside the cipher-text? By appending the IV to the Cipher Text perhaps?
Yes, you can do exactly that. Prepending it to the ciphertext works. Since the IV has fixed size depending on block mode, block cipher and protocol, you can slice the IV off during decryption and treat the remaining bytes as the actual ciphertext.
If so, is there a standard approach?
No, there is no standard. A common way is to prepend the IV. If you're applying the Cryptographic Message Standard (CMS), then there is a little bit about how the IV is stored. RFC3370