Arlen Beiler
Reputation: 15906
Does AES-128-GCM authenticate the IV on Node V6?
Given this code:
const bufIV = Buffer.alloc(16);
const cipher = crypto.createCipheriv(CIPHER, mykey, crypto.randomFillSync(bufIV));
let encrypted = cipher.update(doc, 'utf8', ENCODING);
encrypted += cipher.final(ENCODING);
Will the IV also be authenticated? The end of this article seems to indicate that it needs to be, but I don't really understand how this works.
Using a good IV doesn’t automatically mean your crypto is secure. You have to authenticate your ciphertexts, too. When you do, don’t forget to authenticate the IV.
Upvotes: 1
Views: 157
Answers (1)
Maarten Bodewes
Reputation: 94058
Yes, AES-GCM will automatically verify the IV, verification of the IV is included within the calculation of the authentication tag.
Now for the bad news: as you need to explicitly set the received authentication tag in NodeJS using the setAuthTag nothing will be verified in the code you've shown us.
Upvotes: 1
Related Questions
- Using AES GCM without authentication tag in Node.js?
- AES 256 GCM encryption decryption in nodejs
- "Unsupported state or unable to authenticate data" with aes-128-gcm in Node
- AES GCM encryption decryption in nodejs & Java
- AEAD AES-256-GCM in Node.js
- Can the value from node crypto.createCipheriv('aes-256-gcm', ...).getAuthKey() be public?
- AES-256-GCM in Nodejs
- nodejs AES-128-GCM "invalid initialization vector length"
- AES256 password and iv, the right way
- How to use id-aes256-GCM with Node.JS crypto? "TypeError: DecipherFinal fail"