Blockchain & Cryptocurrency Glossary

Authenticated Encryption

Pronunciation
[aw-then-ti-key-tid en-krip-shuhn]
Analogy
Imagine sending a secret message in a special tamper-proof envelope that also has your unique, unforgeable seal. Authenticated Encryption is like this: it hides the message's content (confidentiality), ensures that if anyone tries to change the message or the envelope, it will be obvious (integrity), and proves the message genuinely came from you (authenticity), all in one go.
Definition
A form of encryption that simultaneously provides confidentiality (the message is unreadable to outsiders), integrity (the message has not been tampered with), and authenticity (the message originated from the claimed sender).
Key Points Intro
AE provides both confidentiality and integrity/authenticity assurances for encrypted data.
Key Points
  • Combines encryption for confidentiality with a Message Authentication Code (MAC) for integrity and authenticity.
  • Designed to prevent attacks where an attacker might modify ciphertext without detection (e.g., padding oracle attacks).
  • Considered a best practice for most encryption applications.
  • Common AE modes include AES-GCM, AES-CCM, and ChaCha20-Poly1305.

Example
Modern TLS/SSL connections often use authenticated encryption modes (like AES-GCM) to encrypt web traffic. This ensures that not only is the data confidential, but also that it cannot be surreptitiously modified in transit by an attacker without the receiver detecting it.
Technical Deep Dive
Authenticated Encryption can be achieved in several ways: Encrypt-then-MAC (EtM), Encrypt-and-MAC (E&M), or MAC-then-Encrypt (MtE). EtM is generally considered the most secure generic composition. However, dedicated AE modes of operation (AE ciphers) like AES-GCM (Galois/Counter Mode) or ChaCha20-Poly1305 are often preferred as they are designed specifically for this purpose and can be more efficient and less prone to implementation errors. These modes typically take a key, a nonce (number used once), plaintext, and optionally 'associated data' (which is authenticated but not encrypted).
Security Warning
It's crucial to use AE schemes correctly, particularly by never reusing a nonce with the same key. Nonce reuse can lead to catastrophic failures of both confidentiality and authenticity in many AE modes. Using standardized, well-vetted AE algorithms and libraries is highly recommended.
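
Added example (not part of the original glossary entry): a minimal Encrypt-then-MAC construction showing the key, nonce, plaintext and associated-data inputs described in the Technical Deep Dive, plus the confidentiality failure that the Security Warning attributes to nonce reuse. The function names are hypothetical, and the keystream is a stand-in built from HMAC-SHA256 so the sketch runs with the Python standard library only; real systems should use a vetted AES-GCM or ChaCha20-Poly1305 implementation.

```python
import hashlib
import hmac
import os

TAG_LEN = 32    # HMAC-SHA256 tag size in bytes
NONCE_LEN = 12  # fixed nonce size, so the MAC input is unambiguous

def _keystream(enc_key, nonce, length):
    # Stand-in stream cipher (HMAC-SHA256 in counter mode), for illustration only.
    blocks = (hmac.new(enc_key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _tag(mac_key, nonce, aad, ciphertext):
    # The tag covers nonce, length-prefixed associated data, and the ciphertext.
    msg = nonce + len(aad).to_bytes(8, "big") + aad + ciphertext
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def seal(enc_key, mac_key, nonce, plaintext, aad=b""):
    if len(nonce) != NONCE_LEN:
        raise ValueError("nonce must be 12 bytes")
    ciphertext = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    return ciphertext + _tag(mac_key, nonce, aad, ciphertext)  # encrypt, then MAC

def open_sealed(enc_key, mac_key, nonce, sealed, aad=b""):
    if len(nonce) != NONCE_LEN or len(sealed) < TAG_LEN:
        raise ValueError("malformed input")
    ciphertext, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    # Verify first, in constant time; never decrypt unauthenticated data.
    if not hmac.compare_digest(tag, _tag(mac_key, nonce, aad, ciphertext)):
        raise ValueError("authentication failed")
    return _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))

def nonce_reuse_leak(enc_key, mac_key, nonce, p1, p2):
    # Same key and nonce give the same keystream, so c1 XOR c2 == p1 XOR p2.
    c1 = seal(enc_key, mac_key, nonce, p1)[:-TAG_LEN]
    c2 = seal(enc_key, mac_key, nonce, p2)[:-TAG_LEN]
    return _xor(c1, c2)

if __name__ == "__main__":
    ek, mk = os.urandom(32), os.urandom(32)   # independent keys (constructed)
    nonce = os.urandom(NONCE_LEN)             # fresh nonce per message
    box = seal(ek, mk, nonce, b"transfer 10 to alice", aad=b"msg-id=7")
    print(open_sealed(ek, mk, nonce, box, aad=b"msg-id=7"))
```

In this HMAC-based sketch nonce reuse only exposes the XOR of the two plaintexts; in AES-GCM and ChaCha20-Poly1305 the same mistake also undermines the authentication tag.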
