Data encryption is performed by encrypting plaintext to obtain unintelligible ciphertext. For example, encryption may be performed using as input an encryption key and an initialization vector in addition to the plaintext. However, current encryption schemes do not adequately manage the initialization vector.
Embodiments of the present invention provide a method, and associated computer program product and computer system.
A processor of a computer system generates ciphertext by applying an initialization vector and an encryption key to plaintext.
The processor combines the initialization vector with the ciphertext to generate encrypted data, by using an embedding rule to perform the combining, wherein said using the embedding rule comprises generating the encrypted data by dividing the initialization vector into a specified number of bits to obtain an ordered sequence of initialization vector fragments; dividing the ciphertext into a specified number of bits to obtain ciphertext fragments; and distributing the initialization vector fragments between the ciphertext fragments according to the order of the initialization vector fragments in the sequence.
The present invention provides a computer system comprising a processor, a memory coupled to the processor, and a computer readable storage device coupled to the processor, said storage device containing program code which, upon being executed by the processor via the memory, implements a method for encrypting data, said method comprising:
said processor generating an initialization vector;
said processor generating ciphertext from plaintext by applying the initialization vector and an encryption key to the plaintext; and
said processor combining the initialization vector with the ciphertext to generate encrypted data, by using an embedding rule to perform said combining.