I learned many things last week but the highlight was learning how to generate random IV to actually secure my cryptography operations. In 2013 Bitcoin theft occurred owing to generation of non-random IV’s. Reading up on many resources, I found out that there was a bug in generation of random numbers in JCA (Java cryptography architecture) until Android API version 4.1 which lead to bitcoins being stolen from android wallets. The bug has since been patched. Above API 21 SecureRandom is used to generate IV. It uses a NativePRNG technique with true random seed from /dev/random and uses /dev/urandom to generate cryptographically strong random number for IV.
For anyone interested, I wrote a weekly update encapsulating things I did last week. Check it out. Link
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.