A small guide you could follow to avoid a few pitfalls and apply some recommendations.
- Do not reuse the same encryption key and initialization vector (IV) for two different messages.
Doing so will risk exposure of the plain-text if an adversary manages to intercept two or more messages during transit using the same key and IV.
- Don't use ECB mode; OFB and CTR mode are somewhat better, but it's recommended to use CBC or CFB mode.
The main reason to not use ECB is because this mode leaks information about duplicate plain-text blocks which may undermine your encoded stream of data.
OFB and CTR are better, but they suffer from the aforementioned security issue of using the same IV+key combination more than once.
CFB and CBC are the most resilient against IV+key reuse, but separate messages with the same common prefix will leak out the length of said prefix. In addition, CFB leaks out the difference of the first non-identical plain-text blocks.
Hope this will help you :)
