Cryptology Engine

Decryption

AES, ChaCha20, RSA and other decryption algorithms

What is Decryption?

Decryption is the process of converting encrypted data (ciphertext) back to original readable data (plaintext). It is the reverse operation of encryption - those with the correct key can decrypt the encrypted data. Modern decryption algorithms are critical for secure communication over the internet, data storage, financial transactions, and protection of personal information.

Use Cases

  • Secure internet communication (HTTPS, VPN)
  • Data storage and backup
  • Email security
  • Mobile application security
  • Financial transactions
  • Cloud storage decryption
  • Messaging applications
Key Features
  • Confidentiality
  • Data integrity
  • Authentication
  • Key management
  • Performance optimization
Algorithm Comparison
Algorithm
Security
Speed
Use Cases
AES-GCM-256Very HighFast
Disk decryptionVPNSSL/TLSGeneral-purpose decryptionSlightly slower than AES-GCM-128
AES-GCM-128Very HighVery Fast
Web applicationsSSL/TLSGeneral-purpose decryption
AES-CTR (+HMAC)For secure use: decrypt-then-MAC, separate keys, unique nonce, and AAD if needed are mandatory.Very Fast
High-performance applicationsMust be used with HMACDecrypt-then-MAC scheme required
ChaCha20-Poly1305Very HighVery Fast
Mobile applicationsHigh-performance applications
AES-SIVVery HighFast
Nonce-misuse resistant applicationsSlower than GCM/ChaCha20-Poly1305 but misuse-resistant

* Comparisons are relative to reference/hardware acceleration on 64-bit CPU

AEAD (Authenticated Decryption)

Modern algorithms that provide both decryption and authentication. Guarantees both data integrity and confidentiality together.

AES-GCM
AES-CCM
AES-SIV
ChaCha20-Poly1305

Symmetric Stream/Block Modes (Unauthenticated)

Modes that provide only decryption. No authentication - must be used together with MAC (HMAC, Poly1305, etc.).

AES-CBC
AES-CTR
AES-CFB
AES-OFB
Salsa20

Asymmetric Decryption

Algorithms that use different keys for encryption and decryption. Typically used for key exchange or small data decryption.

RSA-OAEP

Key Unwrap

Algorithms designed for key unwrapping. Should not be used for data decryption - only used to securely unwrap other keys.

AES-KW

Legacy & Insecure

Older decryption algorithms no longer considered secure. Used only for backward compatibility. For 3DES: NIST SP 800-131A - Disapproved for use in applications.

DES
3DES
Related Standards
  • FIPS PUB 197
  • NIST SP 800-38A
  • NIST SP 800-38D
  • NIST SP 800-38C
  • RFC 5116
  • RFC 8017
  • NIST SP 800-131A