So What Is AEAD? And Why Is It So Important for Encryption?

Alice creates a secret message, encrypts it with her secret key, and sends it to Bob. He also has the secret key, so he decrypts it and reveals the secret message. It says “You can take tomorrow as a holiday”. Bob is happy and takes the holiday. Eve, though, has been listening to their communications and, the next day, resends the ciphered message, even though she cannot read it. Bob takes the next day off, and Alice wonders why he is not at work. Eve has thus performed a replay attack on Alice’s ciphered message. What we need is to bind the ciphertext to a network connection or a session, so that Eve cannot recreate the same scenario.

With enhanced encryption methods, we can both authenticate the cipher and prove its integrity. This is known as Authenticated Encryption with Associated Data (AEAD). For this, we provide additional data to authenticate the encryption process, so that we can detect when the ciphertext has been modified and refuse to decrypt it. With most conventional AEAD methods, we create a nonce value and add additional data (AD) that is authenticated but not encrypted. The additional data can include [here]:

addresses, ports, sequence numbers, protocol version numbers, and other fields that indicate how the plaintext or ciphertext should be handled, forwarded, or processed
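The Alice, Bob and Eve scenario above, as an added example that is not code from the original article: Alice seals the message with associated data built from a session label and a sequence number, and Bob opens it with the values he expects rather than anything carried in the packet. AES-256-GCM is chosen here as the AEAD; the labels `day-1` and `day-2`, the all-zero demo key and the function names are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// bindAD builds the associated data (authenticated, not encrypted): 8-byte sequence number, then session label.
func bindAD(session string, seq uint64) []byte {
	ad := make([]byte, 8, 8+len(session))
	binary.BigEndian.PutUint64(ad, seq)
	return append(ad, session...)
}

func newAEAD(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block) // only fails for non-128-bit block ciphers, never for AES
	return aead
}

// seal encrypts msg with a fresh random nonce and returns nonce || ciphertext || tag.
func seal(aead cipher.AEAD, msg, ad []byte) []byte {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return aead.Seal(nonce, nonce, msg, ad)
}

// open returns the plaintext only if the tag verifies over the ciphertext and the receiver's own ad.
func open(aead cipher.AEAD, packet, ad []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(packet) < n {
		return nil, fmt.Errorf("packet too short")
	}
	return aead.Open(nil, packet[:n], packet[n:], ad)
}

func main() {
	aead := newAEAD(make([]byte, 32)) // constructed all-zero demo key; use a random key in practice
	packet := seal(aead, []byte("You can take tomorrow as a holiday"), bindAD("day-1", 1))
	_, err := open(aead, packet, bindAD("day-2", 1)) // Eve resends the packet the next day
	fmt.Println("replay rejected:", err != nil)
}
```

The replay is rejected only because Bob's expected context has moved on; within the same session and sequence number the packet would still verify, so the receiver has to track which values it has already accepted.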

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice
