KomentaS
KomentaS

Reputation: 63

AES-256-GCM in Nodejs

im messing around with crypto in nodejs. I want to use aes-256-gcm algoritm but I have couple questions.. Just tell me if Im getting it right..

salt = crypto.randomBytes(64)

Salt is just a radom pseudo-data, right? Just to make our encrypted string harder to read?

I want to use createCipheriv method. Here's how I do it:

crypto.createCipheriv('aes-256-gcm', key, iv)

First parameter is our algorithm, then we got our secret key (for encryption and decryption) and the last one is IV. What exactly does it mean apart from changing the encrypted string appearance? IV should be changing every time we want to encrypt something, right?

tag = cipher.getAuthTag();

What does tag mean exactly? Why do we need it?

Upvotes: 2

Views: 3866

Answers (1)

zaph
zaph

Reputation: 112875

The function of a salt is to ensure two encryptions of the same data with the same key do not produce the same encrypted data.

It should be a different random value for each encryption. Since it does not need to be secret it can be a prefix the the encrypted so the decryption function will have it available.

Imagine a message sent every day go either "buy " or "sell", it would become obvious what the message meant.

The tag is part of the authentication that ensures the encrypted message has not been altered.

GCM mode is a form of authenticated encryption that also does not require message padding.

Upvotes: 3

Related Questions