Explaining Authenticated Encryption, such as AES-GCM

Authenticated symmetric encryption combines encryption (for confidentiality) with a Message Authentication Code (MAC) (for integrity and authenticity) in a single operation.

How It Works:

  1. Encrypt the plaintext using a symmetric cipher (e.g. AES).
  2. Generate a MAC or authentication tag (e.g. via HMAC or GCM) over the ciphertext (and optionally additional data).
  3. Transmit the ciphertext along with the tag.

On Decryption:

  • The recipient verifies the tag before decrypting.
  • If the tag is valid, the data is decrypted.
  • If the tag is invalid, the data is rejected.

Benefit:

Ensures the data is confidential and has not been tampered with—protecting against active attacks.

Examples: AES-GCM, ChaCha20-Poly1305.

AES-GCM Examples using Chilkat

Android™ Classic ASP AutoIt C Python C++ C# DataFlex Delphi Visual FoxPro Go Java Node.js Objective-C Perl PHP PowerBuilder PowerShell PureBasic Ruby Swift Tcl Visual Basic 6.0 VB.NET VBScript Xojo