You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thank you for your library—it has definitely helped me see the light at the end of the tunnel.
After some research, I found that the initialization vector (IV) should always be randomly generated for each encryption operation to ensure robust security. Using a static IV can lead to vulnerabilities, as it compromises the cryptographic principle of uniqueness for each encryption. https://stackered.com/blog/iv-mishandling/
A potential solution could be to randomly generate the IV for each encryption and prepend it to the ciphertext. A custom database function could then extract the IV from the database column and use it to decrypt the remaining ciphertext.
Is there a chance that such an adjustment could be implemented in the near future? Alternatively, would it be possible to use the pgp_sym_decrypt database function along with a compatible C# implementation to handle encryption and decryption?
The text was updated successfully, but these errors were encountered:
Thank you for your library—it has definitely helped me see the light at the end of the tunnel.
After some research, I found that the initialization vector (IV) should always be randomly generated for each encryption operation to ensure robust security. Using a static IV can lead to vulnerabilities, as it compromises the cryptographic principle of uniqueness for each encryption. https://stackered.com/blog/iv-mishandling/
A potential solution could be to randomly generate the IV for each encryption and prepend it to the ciphertext. A custom database function could then extract the IV from the database column and use it to decrypt the remaining ciphertext.
Is there a chance that such an adjustment could be implemented in the near future? Alternatively, would it be possible to use the pgp_sym_decrypt database function along with a compatible C# implementation to handle encryption and decryption?
The text was updated successfully, but these errors were encountered: