AES-GCM, Advanced Encryption Standard - Galois/Counter Mode, an authenticated encryption mode that provides both encryption and authentication. One of the most widely used encryption modes in modern cryptography.
Technical Specifications
- Key Length:
- 128, 192, or 256 bit
- Block Size:
- 128 bit
- IV (Nonce) Length:
- 96 bit (12 byte) - Commonly used
- Authentication Tag Length:
- 128, 120, 112, 104, or 96 bit
- Security Level:
- Very high - Authenticated encryption
- Performance:
- High - Supports parallel processing
Usage Areas
- TLS 1.2 and TLS 1.3 protocols
- HTTPS encryption
- Secure messaging applications
- Disk and file encryption
- IPSec VPN protocol
- IEEE 802.1AE (MACsec)
- Wi-Fi Protected Access 3 (WPA3)
Features
- Authenticated encryption: Encryption and authentication in a single operation
- IV (Initialization Vector) automatically generated randomly for each encryption
- Data integrity check: Automatic change detection
- Parallel processing: Hardware support for performance optimization
- Easy to use: AEAD (Authenticated Encryption with Associated Data) support
Standards and References
- NIST Special Publication 800-38D
- ISO/IEC 19772:2009
- RFC 5288 (AES-GCM Cipher Suites for TLS)
- RFC 5116 (An Interface and Algorithms for Authenticated Encryption)