CBC模式下，IV应当由服务器端（使用CSPRNG）随机产生。配置单一、固定的IV会显著削弱安全性。

https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)

For most block cipher modes it is important that an initialization vector is never reused under the same key, i.e. it must be a cryptographic nonce.

duplicate of #188