Glossary

Initialization vector (IV)

IVinitialization value

An initialization vector is a non-secret input that initializes a cipher mode so repeated plaintext does not produce unsafe repeated ciphertext.

Definition

An initialization vector is an additional input that sets the starting state of a cipher mode. It allows the same plaintext encrypted under the same key to produce different ciphertext and prevents patterns from repeating across messages.

Requirements depend on the mode

An IV is usually transmitted with the ciphertext and need not be secret. CBC requires an unpredictable fresh IV, while CTR-like modes primarily require a unique counter or nonce. Using the wrong generation rule can compromise security.

IV versus nonce

The terms overlap but are not universal synonyms. A nonce emphasizes non-repetition; IV is the initialization input defined by a mode. Some APIs call the same field an IV even when its essential requirement is uniqueness rather than randomness.

Frequently asked questions

Yes, and this is normal. Security depends on satisfying the mode’s uniqueness or unpredictability rule, not on hiding the IV.

Usually no. The exact damage varies by mode, from revealing equality to exposing plaintext or enabling forgery.

It should be generated according to the mode, independently of password-derived key material unless a reviewed protocol specifies otherwise.

See also