> For AES-256 encryption, should IV be random? I am already using a random > salt, so I was wondering if IV should be random too. It should be non-repeating. It can just be a counter. (Yes, I know OP didn't ask about AESGCM. But if they're coming here for advice ... ) -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users