Everything You Ever Wanted To Know About Authenticated Encryption With Additional Data (AEAD), But Were Afraid to Ask

Meet AES GCM, ChaCha20/Poly1305, AES CCM, AES SIV and AES OCB3

Don’t you just hate all of those pesky acronyms in cybersecurity? Well, let’s explain a few … AES GCM, ChaCha20/Poly1305, AES CCM, AES SIV and AES OCB3, all of which can considerably enhance the security of your system, and stop Eve from playing with your secret and trusted information. In this case, we will investigate the main methods used to create AEAD: SIV (Synthetic Initialization Vector), CCM (counter with cipher block chaining message authentication code; counter with CBC-MAC), GCM (Galois/Counter Mode), ChaCha20 (Daniel J. Bernstein’s love of dancing) and SOCB3.

Security by design

Alice creates a secret message and ciphers it with her secret key, and then sends this to Bob. He also has the secret key, so he decrypts it and reveals the secret message. It says “You can take tomorrow as a holiday”. Bob is happy and takes the holiday. Eve, though, has been listening to their communications, and, the next day, resends the ciphered message, even though she cannot read it. Bob takes the next day off, and Alice wonders why he is not at work. Eve has thus performed a replay attack on…