Andrew Chernow wrote:
>
>> Encrypting lots of small chunks of data with the same key is a very
>> dangerous thing to do and it's very tricky to get right.
>
> Using an initialization vector (IV) is the way to go, recommend using
> CBC or CFB mode. Although, an IV is never supposed to be used more
> than once with the same key; that can leak hints about the plaintext.
> Where is the randomly generated IV stored for use during decryption?
Well, you can store it along with the encrypted data. The IV doesn't
need to be secret, just random. I do that for one of my clients.
cheers
andrew