How to transport the initiation vector with the session key in AES encryption

1
votes

as i am a newbie to the encryption concepts. i supposed to do the application which sends the data which is encrypted by AES symmetric technique. Also i need to send the key which i used to encrypt in the form of encrypted format using asymmetric RSA technique to the other hand. I have done the encryption using AES symmetric encryption technique using 256 bit key and now i have encrypted data, key, and initiation vector(IV) in bytes. While i trying to decrypt i get to know initiation vector also needed to get the exact data.

Now my question is

1.how do i send the Key with the Initiation vector IV to the other hand?.

2.whether i need to join it with the encrypted data or with the byte key. what is the standard way to send the initiation vector with the key?

3.i need to encrypt the key with the Asymmetric encryption method with the public key. how they can read the key and IV on the other hand after decryption with the private key

My AES encryption code in C#:

public byte[] SymmetricAESEncryption(string plainText, byte[] key, byte[] initVector)
    {
        byte[] encrypted;
        using (Aes objAES = Aes.Create())
        {
            objAES.KeySize = 256;

            ICryptoTransform encryptor = objAES.CreateEncryptor(key, initVector);

            using (MemoryStream msEncrypt = new MemoryStream())
            {
                using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                {
                    using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                    {
                        swEncrypt.Write(plainText);
                    }
                    encrypted = msEncrypt.ToArray();
                }
            }
        }
        return encrypted;
    }

AES Decryption code in C#:

static string DecryptStringFromBytes(byte[] cipherText, byte[] Key, byte[] IV)
    {
        string plaintext = null;
        using (Aes rijAlg = Aes.Create())
        {
            rijAlg.Key = Key;
            rijAlg.IV = IV;
            ICryptoTransform decryptor = rijAlg.CreateDecryptor(rijAlg.Key, rijAlg.IV);

            using (MemoryStream msDecrypt = new MemoryStream(cipherText))
            {
                using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                {
                    using (StreamReader srDecrypt = new StreamReader(csDecrypt))
                    {
                        plaintext = srDecrypt.ReadToEnd();
                    }
                }
            }

        }
        return plaintext;

    }

My Asymmetric code in C#

X509Certificate2 objCertificate = new X509Certificate2();
        objCertificate.Import(Encoding.UTF8.GetBytes(rawData.ToString().Trim()));

        RSACryptoServiceProvider objAsyAlgm1 = (RSACryptoServiceProvider)objCertificate.PublicKey.Key;

        byte[] SessionKeyEncryptValue = objAsyAlgm1.Encrypt(sessionKey, false);
1
c#encryptionaes

1 Answers

1
votes

The IV does not need to be kept secure. It is usual to prepend the IV to the cyphertext and send them together. The receiving end uses the first 128 bits of the incoming message as the IV and treats the rest as the cyphertext.

The key, of course, needs to be sent separately under RSA (or equivalent) encryption.