Reputation: 63
AES-256-GCM in Nodejs
im messing around with crypto in nodejs. I want to use aes-256-gcm algoritm but I have couple questions.. Just tell me if Im getting it right..
salt = crypto.randomBytes(64)
Salt is just a radom pseudo-data, right? Just to make our encrypted string harder to read?
I want to use createCipheriv method. Here's how I do it:
crypto.createCipheriv('aes-256-gcm', key, iv)
First parameter is our algorithm, then we got our secret key (for encryption and decryption) and the last one is IV. What exactly does it mean apart from changing the encrypted string appearance? IV should be changing every time we want to encrypt something, right?
tag = cipher.getAuthTag();
What does tag mean exactly? Why do we need it?
Upvotes: 2
Views: 3866
Answers (1)
Reputation: 112875
The function of a salt is to ensure two encryptions of the same data with the same key do not produce the same encrypted data.
It should be a different random value for each encryption. Since it does not need to be secret it can be a prefix the the encrypted so the decryption function will have it available.
Imagine a message sent every day go either "buy " or "sell", it would become obvious what the message meant.
The tag is part of the authentication that ensures the encrypted message has not been altered.
GCM mode is a form of authenticated encryption that also does not require message padding.
Upvotes: 3
Related Questions
- AES 256 GCM encryption decryption in nodejs
- "Unsupported state or unable to authenticate data" with aes-128-gcm in Node
- Encryption and Decryption in Java and Javascript (Nodejs)
- Nodejs AES-256-GCM decrypt the encrypted client message by webcrypto api
- Nodejs AES-256-GCM encryption and decryption in client by browser webcrypto api
- AES GCM encryption decryption in nodejs & Java
- Encrypt/Decrypt aes256cbc in Nodejs
- About nodejs AES-128-GCM encryption after the other party can not parse the ciphertext problem
- AES GCM encrypt in nodejs and decrypt in browser?
- AEAD AES-256-GCM in Node.js