An Initialization Vector (IV) is a fixed-size, non-secret input used with a secret key to initiate AES encryption in block cipher modes such as CBC (Cipher Block Chaining), CFB (Cipher Feedback), CTR (Counter), and GCM (Galois/Counter Mode). These modes use the IV in the encryption process so that identical plaintext blocks produce unique ciphertexts, even when encrypted with the same key.

Role of IV in AES Block Cipher Modes

AES is a symmetric key block cipher that processes fixed-size blocks (128 bits). Depending on the mode of operation, the IV serves different purposes:

CBC (Cipher Block Chaining)

Each plaintext block is XORed with the previous ciphertext block before encryption. The IV acts as the "previous ciphertext" for the first block.

    C0 = AES_Encrypt(P0 ⊕ IV)
    C1 = AES_Encrypt(P1 ⊕ C0)

If the IV is not random and unpredictable, the first ciphertext block could leak information about the first plaintext block.

CTR (Counter Mode)

The IV is used as part of the counter block. AES encrypts this counter, and the output is XORed with the plaintext. The counter must be unique for every encryption operation under the same key.

    C0 = P0 ⊕ AES_Encrypt(IV + 0)
    C1 = P1 ⊕ AES_Encrypt(IV + 1)

Any repetition of IVs (nonces) in CTR mode under the same key will result in keystream reuse and can completely break confidentiality.

GCM (Galois/Counter Mode)

In GCM mode, the IV is part of the input that determines the counter used during encryption and contributes to the authentication tag. A 96-bit IV is strongly recommended; when one is used, it requires no additional hashing.

IV Size and Format

  • Standard IV size: 128 bits (16 bytes)
  • GCM exception: 96 bits recommended, with padding applied if different lengths are used

IV requirements vary by mode:

    Mode         IV Requirement
    CBC / CFB    Random
    CTR / GCM    Unique

Secure IV Generation

You must generate IVs using a secure random source to prevent reuse or predictability. Repeating an IV with the same key compromises encryption integrity.

    from Crypto.Cipher import AES
    from Crypto.Random import get_random_bytes

    key = get_random_bytes(16)  # 128-bit AES key
    iv = get_random_bytes(16)   # 128-bit IV, generated fresh for each encryption
    cipher = AES.new(key, AES.MODE_CBC, iv)

Explanation:

  • get_random_bytes: Ensures the IV is securely generated using a cryptographically strong random number generator.
  • IV must be preserved or transmitted alongside the ciphertext to allow successful decryption.

IV in Video Encryption (HLS/DASH)

In video streaming (e.g., AES-128 encryption in HLS), the IV ensures that identical segments (e.g., intro clips or repeated frames) do not produce identical encrypted outputs:

    #EXT-X-KEY:METHOD=AES-128,URI="key.key",IV=0x1a2b3c4d5e6f77889900aabbccddeeff

Explanation:

  • IV=0x...: Sets an explicit IV for segment encryption. If reused across segments with the same key, it can lead to repeated ciphertext patterns.
  • Unique IVs are required per segment to prevent content exposure through pattern analysis.
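
An added example (not from the original page) that audits a playlist for the reuse described above: it computes each segment's effective IV and reports any (key URI, IV) pair shared by more than one segment. The playlist is constructed sample data, the function names are illustrative, and the fallback to the media sequence number when no IV attribute is present follows the HLS specification rather than this page.

```python
import re
from collections import defaultdict

# Constructed sample: one explicit IV covers two segments; the second key has no IV attribute.
SAMPLE_PLAYLIST = """\
#EXTM3U
#EXT-X-MEDIA-SEQUENCE:100
#EXT-X-KEY:METHOD=AES-128,URI="key.key",IV=0x1a2b3c4d5e6f77889900aabbccddeeff
#EXTINF:6.0,
seg100.ts
#EXTINF:6.0,
seg101.ts
#EXT-X-KEY:METHOD=AES-128,URI="key2.key"
#EXTINF:6.0,
seg102.ts
#EXTINF:6.0,
seg103.ts
"""

ATTR = re.compile(r'([A-Z0-9-]+)=("[^"]*"|[^,]*)')

def effective_ivs(playlist):
    """Return [(segment_uri, key_uri, iv_hex)] for AES-128 encrypted segments."""
    seq, key, out = 0, None, []
    for line in map(str.strip, playlist.splitlines()):
        if line.startswith("#EXT-X-MEDIA-SEQUENCE:"):
            seq = int(line.split(":", 1)[1])
        elif line.startswith("#EXT-X-KEY:"):
            attrs = {k: v.strip('"') for k, v in ATTR.findall(line.split(":", 1)[1])}
            key = attrs if attrs.get("METHOD") == "AES-128" else None
        elif line and not line.startswith("#"):  # a segment URI line
            if key:
                iv = key.get("IV")
                # No IV attribute: HLS uses the media sequence number as a 128-bit big-endian IV.
                iv_hex = f"{int(iv, 16):032x}" if iv else f"{seq:032x}"
                out.append((line, key.get("URI"), iv_hex))
            seq += 1
    return out

def reused_ivs(playlist):
    """Map (key_uri, iv_hex) -> segments, keeping only pairs used more than once."""
    seen = defaultdict(list)
    for uri, key_uri, iv_hex in effective_ivs(playlist):
        seen[(key_uri, iv_hex)].append(uri)
    return {k: v for k, v in seen.items() if len(v) > 1}

if __name__ == "__main__":
    for (key_uri, iv_hex), segs in reused_ivs(SAMPLE_PLAYLIST).items():
        print(f"IV {iv_hex} reused under {key_uri}: {segs}")
```

On the sample, the two segments under `key.key` are flagged because they share the explicit IV, while the segments under `key2.key` each get a distinct IV from their sequence numbers.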