How to implement AES with IV attached to the encrypted message

Question

So I've been trying to study AES encryption with c#. I'm a little stuck with IV's though, it's just I'm having a hard time trying to understand encryption and I'm hoping a little more explanation from other people might get me past this wall.

Anyway, I found something regarding IV's and how to send it to my web service (as this is the main purpose I'm using AES) with the encrypted message.

Here's the article I found

http://old.nabble.com/AES-decryption-with-different-IV-td31004365.html

It says there that you can attach your IV to the message when passing to the destination that decrypts it.

With that said, my question is, are they pertaining to a normal string converted from the IV that is used to encrypt the message? Or are you attaching your IV in bytes?

This is my main Decrypt

public string DecryptString(string encryptedString, string key)
{
    if (encryptedString == null || encryptedString.Length <= 0)
        throw new ApplicationException("No string to decrypt.");

    if (key == null || key.Length <= 0)
        throw new ApplicationException("No key.");

    byte[] cipherText = Convert.FromBase64String(encryptedString);

    Rijndael aes = new RijndaelManaged();
    aes.Key = StringToByte(key);
    aes.IV = GetIV(cipherText);

    ICryptoTransform decryptor = aes.CreateDecryptor();

    throw new NotImplementedException();
}

My GetIV() is

static public byte[] GetIV(string cipherText)
{
    // IV will be attached to the beginning of the encrypted String
    // needs the length of the IV
    int ivStringLength = 16;
    string ivString = cipherText.Substring(0, ivStringLength);
    byte[] ivByte = StringToByte(ivString);

    return ivByte;

}

NOW, based on this other thread that I read

https://codereview.stackexchange.com/questions/13714/symmetric-encryption-decryption-routine-using-aes

It seems that you get your IV from the encrypted BUT it wouldn't be the first N characters, BUT the first N bytes. So that got me confused!!

And another thing, shouldn't the IV be used to encrypt the message with the Key. With the last article, is he/she encrypting it with the KEY and IV and then attaching the IV again in front of the message and then converting it to string?

EDIT: Apologies, I forgot to say that I'm the one who created the Web Service and this is the encryption I'm trying to implement.

Answer 1

In the end it does not matter where you put the IV. It is normally stored before the ciphertext, as you need the IV to decrypt the first block.

Both the ciphertext and IV are bytes . You can transform them using a specific string encoding, such as base 64 if you require strings. You can either encode them separately or together.

What you cannot do is confuse between strings and byte arrays, which is what you do when you are trying to extract the IV. You should remove the bytes, not the characters from the start of the ciphertext.

Answer 2

Since you are providing a webservice, it would be beneficial for you to us Authenticated Encryption to protected against chosen ciphertext attacks .

I have two c# examples, listed Modern Examples of Symmetric Authenticated Encryption of a string. c# . In which not only does it pre-pends the IV to the ciphertext, it post-pends an Authentication tag as well.