Secure-Pref-Manager

Potential vulnerability: using blank/default initialization vector

Open PasqualePuzio opened this issue 7 years ago • 0 comments

Hi,

by looking at the code of this library, I noticed that it depends on this encryption library https://github.com/scottyab/AESCrypt-Android

Also, I noticed that your encrypt method is using a default/blank initialization vector, which is known to be vulnerable to ciphertext-only attacks (a great discussion on the topic can be found here http://security.stackexchange.com/questions/35210/encrypting-using-aes-256-do-i-need-iv/35216#35216). This vulnerability is also reported on the GitHub page of the dependency.

I recommend promptly fixing this weakness by generating a random initialization vector before performing encryption.

Thanks

PasqualePuzio, Jul 21 '16 13:07