What is Authenticated Encryption?
An encryption method that simultaneously provides confidentiality, integrity, and authenticity, ensuring data hasn't been tampered with.
Also known as: AEAD
Authenticated encryption solves the fundamental problem that encryption alone doesn't prevent modification.
The Problem
- Standard encryption hides data but an attacker can flip bits in the ciphertext
- The decrypted result is garbage or subtly altered, but the system doesn't know that
- This enables attacks like padding oracles and ciphertext manipulation
The Solution (AEAD)
Authenticated Encryption with Associated Data provides:
- Confidentiality: Data is encrypted
- Integrity: Any modification is detected
- Authenticity: Proves the data was encrypted by someone holding the key
- Associated Data: Unencrypted metadata that's also integrity-protected
Standard Algorithms
- AES-GCM: The most widely used AEAD
- ChaCha20-Poly1305: The main alternative
Rule
Never use unauthenticated encryption (plain AES-CBC, AES-CTR) for new systems. Always use AEAD.
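The difference between the problem and the AEAD solution described above, as an added example (not code from the original page) using Node.js's built-in crypto module. The key, message and header are constructed sample values, and the function names are illustrative.

```javascript
const crypto = require('crypto');
// Constructed sample values (assumptions, not from the page).
const key = crypto.randomBytes(32);
const message = Buffer.from('amount=0100;to=alice');
const header = Buffer.from('msg-id=42'); // associated data, sent in the clear

// Flip the lowest bit of one byte, standing in for modification in transit.
function flipBit(buf, index) {
  return Buffer.from(buf.map((b, i) => (i === index ? b ^ 0x01 : b)));
}

// Unauthenticated AES-256-CTR: decryption never fails, whatever the ciphertext.
function ctrEncrypt(plaintext) {
  const iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv('aes-256-ctr', key, iv);
  return { iv, ct: Buffer.concat([c.update(plaintext), c.final()]) };
}
function ctrDecrypt({ iv, ct }) {
  const d = crypto.createDecipheriv('aes-256-ctr', key, iv);
  return Buffer.concat([d.update(ct), d.final()]);
}

// AEAD: AES-256-GCM with a fresh 96-bit nonce per message and a 128-bit tag.
function gcmEncrypt(plaintext, aad) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, nonce);
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { nonce, ct, tag: c.getAuthTag() };
}
// Returns the plaintext, or null when the tag does not verify.
function gcmDecrypt({ nonce, ct, tag }, aad) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, nonce);
  d.setAAD(aad);
  d.setAuthTag(tag);
  try {
    return Buffer.concat([d.update(ct), d.final()]); // final() checks the tag
  } catch {
    return null; // integrity check failed: release no plaintext
  }
}

const ctr = ctrEncrypt(message);
console.log('CTR, tampered:', ctrDecrypt({ ...ctr, ct: flipBit(ctr.ct, 8) }).toString());
const gcm = gcmEncrypt(message, header);
console.log('GCM, intact  :', gcmDecrypt(gcm, header).toString());
console.log('GCM, tampered:', gcmDecrypt({ ...gcm, ct: flipBit(gcm.ct, 8) }, header));
console.log('GCM, bad AAD :', gcmDecrypt(gcm, flipBit(header, 0)));
```

The CTR call returns a changed message with no error, while GCM rejects a modified ciphertext and a modified header alike, even though the header was never encrypted.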
Related Terms
AES-GCM
A mode of AES encryption that provides both confidentiality and authentication in a single operation, widely used in TLS and disk encryption.
ChaCha20-Poly1305
A modern authenticated encryption algorithm that provides both confidentiality and integrity, widely used as an alternative to AES-GCM.