AESCrypt-ObjC

Missing randomization in cyphertext

Open velchev opened this issue 10 years ago • 0 comments

Hi guys, the project works perfectly, but I noticed one bit issue. When someone encrypts one and the same plaintext, they will get one and the same cyphertext. This means that if someone listens in the middle (the bad Eve), she will be able to guess what has been sent.

Normally the password will never change for an application, and I assume that this could be used to encrypt URL requests, for example: small length of strings. In such use, I do not think that is secure enough.

What should be done is to introduce salt - random length. Something which is done in C# here: http://www.obviex.com/samples/encryptionwithsalt.aspx

I need that for a personal project and need to encrypt and decrypt this random cyphertext in an iOS app and on a web server with C#. I will try to implement that in Objective-C and contribute it to your project if possible.

velchev, Mar 04 '14 23:03
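One common way to get the randomization this issue asks for is a fresh random IV per message, sent in front of the ciphertext; the sketch below is an added example using Apple's CommonCrypto, not code from AESCrypt-ObjC or from the issue author. The function names are hypothetical, and the 32-byte key is assumed to be already derived from the password.

```objective-c
// Added example, not AESCrypt-ObjC code. Function names are hypothetical.
#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonCryptor.h>
#import <Security/Security.h>

// AES-256-CBC under a fresh random IV; returns IV || ciphertext.
// Assumption: `key` is 32 bytes already derived from the password.
static NSData *EncryptWithRandomIV(NSData *plaintext, NSData *key) {
    if (key.length != kCCKeySizeAES256) return nil;
    uint8_t iv[kCCBlockSizeAES128];
    if (SecRandomCopyBytes(kSecRandomDefault, sizeof iv, iv) != errSecSuccess) return nil;
    // Room for the IV, the data, and up to one block of PKCS#7 padding.
    NSMutableData *out =
        [NSMutableData dataWithLength:sizeof iv + plaintext.length + kCCBlockSizeAES128];
    memcpy(out.mutableBytes, iv, sizeof iv);
    size_t moved = 0;
    CCCryptorStatus st = CCCrypt(kCCEncrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding,
                                 key.bytes, key.length, iv,
                                 plaintext.bytes, plaintext.length,
                                 (uint8_t *)out.mutableBytes + sizeof iv,
                                 out.length - sizeof iv, &moved);
    if (st != kCCSuccess) return nil;
    out.length = sizeof iv + moved;
    return out;
}

// Reads the IV back from the first block, then decrypts the rest.
static NSData *DecryptWithPrependedIV(NSData *blob, NSData *key) {
    if (key.length != kCCKeySizeAES256 || blob.length < 2 * kCCBlockSizeAES128) return nil;
    const uint8_t *bytes = blob.bytes;
    size_t ctLen = blob.length - kCCBlockSizeAES128;
    NSMutableData *out = [NSMutableData dataWithLength:ctLen];
    size_t moved = 0;
    CCCryptorStatus st = CCCrypt(kCCDecrypt, kCCAlgorithmAES, kCCOptionPKCS7Padding,
                                 key.bytes, key.length, bytes,
                                 bytes + kCCBlockSizeAES128, ctLen,
                                 out.mutableBytes, out.length, &moved);
    if (st != kCCSuccess) return nil;
    out.length = moved;
    return out;
}

int main(void) {
    @autoreleasepool {
        uint8_t k[kCCKeySizeAES256] = {0}; // constructed all-zero key, demo only
        NSData *key = [NSData dataWithBytes:k length:sizeof k];
        NSData *pt = [@"id=42&action=view" dataUsingEncoding:NSUTF8StringEncoding];
        NSData *a = EncryptWithRandomIV(pt, key), *b = EncryptWithRandomIV(pt, key);
        NSLog(@"ciphertexts differ: %d, round trip ok: %d", ![a isEqualToData:b],
              [DecryptWithPrependedIV(a, key) isEqualToData:pt]);
    }
    return 0;
}
```

A peer on another platform, such as the C# server mentioned in the issue, would take the first 16 bytes as the IV and decrypt the remainder with AES-256-CBC and PKCS#7 padding. A random IV hides repeated plaintexts but does not detect tampering; that needs a MAC or an authenticated mode.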