AES GCM implementation in c#

c# aes aes-gcm
12,395

AAD stands for Additional Authenticated Data or Additional Associated Data. This is data that can be send in the clear together with the cipher text. Both the cipher text and the AAD are validated for integrity when you perform the combined verification and decryption of an AEAD cipher.

AAD data is not a key, it's just plain data you can include in your protocol which needs to be protected for integrity, but does not need (or, more logically, would not be useful with) encryption. A good example would be a header of an encrypted IP packet; if you encrypt it you cannot use it for routing, if you don't protect it's integrity, an attacker may change the message length or source address without the receiver knowing about it.

Note that AEAD ciphers already include the IV / nonce in the calculation of the authentication tag. It is therefore unnecessary to include it in the AAD. The AAD is often used to include sender, receiver and possibly message identification number - if that's present outside of the encrypted part of the message.

Share:
12,395
crawfish
Author by

crawfish

I live in mud and eat dead stuff

Updated on June 13, 2022

Comments

  • crawfish
    crawfish almost 2 years

    I am implementing an AES cipher in GCM mode in c#. My question pertains to the "additional authenticated data"(AAD). In the following code from

    http://blogs.msdn.com/b/shawnfa/archive/2009/03/17/authenticated-symmetric-encryption-in-net.aspx

    it is unclear where I should get the AAD from, and how I should retrieve the AAD specific to this encryption during decryption:

    // Authenticated data becomes part of the authentication tag that is generated during
// encryption, however it is not part of the ciphertext.  That is, when decrypting the
// ciphertext the authenticated data will not be produced.  However, if the
// authenticated data does not match at encryption and decryption time, the
// authentication tag will not validate.
aes.AuthenticatedData = Encoding.UTF8.GetBytes("Additional authenticated data");

    Any clarification on how to use this AAD would be much appreciated. Thanks

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Decrypt M3U8 Playlist encrypted with AES-128 without IV
AES cipher in GCM, CCM, or CBC-MAC mode?
"Padding is invalid and cannot be removed" -Whats wrong with this code?
Encrypt AES with C# to match Java encryption
How can I decrypt a string using AES algorithm in c#?
c# AES Decryption
AES Encryption in Java and Decryption in C#
Reading from a cryptostream to the end of the stream
Encrypt the string In Typescript And Decrypt In C# using Advanced Encryption Standard Algorithm(AES)
C# AES Encryption Byte Array