DEV Community

Discussion on: End-to-End Encrypted Chat with the Web Crypto API

Collapse
yoursunny profile image
Junxiao Shi

This is still wrong:

For every encryption operation, it must be random and different to ensure the strength of the encryption.

IV in AES-GCM must be unique but does not need to be random.
IV in AES-CBC must be random.

Collapse
cardoso profile image
Matheus Cardoso Author • Edited

Thanks for your feedback! I considered switching to CBC, but didn't find a strong enough reason, since the AES-GCM is safe for encrypting 2^32 times with a randomly generated IV using the CSPRNG provided by the Web Crypto API.

Edit: but yes, I removed the "must" and added further details. Thanks again :)