Checking my thoughts (and hopefully spurring some discussion)
A key (and thus salt) is unique per user.
An IV is unique per encrypted message.
In a key pair, the public key is transmitted to your recipients. The
private key is kept by the user.
With a symmetric key, both parties have the key or know how to generate
the key.
The same IV has to be present for a message to be reliably encrypted and
decrypted.
Now some questions:
How is a PBKDF2 key transmitted so a message can be decrypted?
In the case of client/server, how should the IV be generated/transmitted?
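
The statements above, as an added sketch that is not part of the original post: both sides re-derive a PBKDF2 key from a shared password and a per-user salt, while a fresh random IV travels in the clear with each message. The function names, the iteration count and the HMAC-based keystream (a standard-library stand-in for AES-CTR) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor, fixed by the protocol on both sides

def derive_keys(password: bytes, salt: bytes):
    # The PBKDF2 output is never sent; each side recomputes it from the
    # shared password and the (public) per-user salt.
    master = hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS)
    enc_key = hmac.new(master, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key

def keystream(enc_key: bytes, iv: bytes, length: int) -> bytes:
    # Stand-in for AES-CTR so this runs on the standard library alone:
    # HMAC-SHA256(key, iv || counter) blocks. Use a vetted AEAD in real code.
    out, counter = b"", 0
    while len(out) < length:
        block = iv + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(password: bytes, salt: bytes, plaintext: bytes) -> dict:
    enc_key, mac_key = derive_keys(password, salt)
    iv = secrets.token_bytes(16)  # fresh per message, from the OS CSPRNG
    ks = keystream(enc_key, iv, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(mac_key, salt + iv + ct, hashlib.sha256).digest()
    # Salt, IV, ciphertext and tag all travel in the clear.
    return {"salt": salt, "iv": iv, "ct": ct, "tag": tag}

def unseal(password: bytes, env: dict) -> bytes:
    enc_key, mac_key = derive_keys(password, env["salt"])
    data = env["salt"] + env["iv"] + env["ct"]
    expected = hmac.new(mac_key, data, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, env["tag"]):
        raise ValueError("authentication failed")
    ks = keystream(enc_key, env["iv"], len(env["ct"]))
    return bytes(c ^ k for c, k in zip(env["ct"], ks))

if __name__ == "__main__":
    salt = secrets.token_bytes(16)  # constructed per-user salt
    env = seal(b"constructed passphrase", salt, b"meet at noon")
    print(unseal(b"constructed passphrase", env))
```

Only the password has to be shared out of band; a receiver given a different IV, salt or password fails the tag check instead of returning garbage.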