When encrypting data with the Cipher Block Chaining (CBC) mode an Initialization Vector (IV) is used to randomize the encryption, ie under a given key the same plaintext doesn't always produce the same ciphertext. The IV doesn't need to be secret but should be unpredictable to avoid "Chosen-Plaintext Attack".

To generate Initialization Vectors, NIST recommends to use a secure random number generator.

Noncompliant Code Example

For PyCryptodome module:

from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
from Crypto.Util.Padding import pad, unpad

static_vector = b'x' * AES.block_size
cipher = AES.new(key, AES.MODE_CBC, static_vector)
cipher.encrypt(pad(data, AES.block_size))  # Noncompliant

For cryptography module:

from os import urandom
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

static_vector = b'x' * 16
cipher = Cipher(algorithms.AES(key), modes.CBC(static_vector))
cipher.encryptor()  # Noncompliant

Compliant Solution

For PyCryptodome module:

from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
from Crypto.Util.Padding import pad, unpad

random_vector = get_random_bytes(AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, random_vector)
cipher.encrypt(pad(data, AES.block_size))

For cryptography module:

from os import urandom
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

random_vector = urandom(16)
cipher = Cipher(algorithms.AES(key), modes.CBC(random_vector))
cipher.encryptor()

See