AEAD (Authenticated Encryption with Associated Data).

A symmetric encryption primitive that provides confidentiality, integrity, and authenticity in one operation, with the ability to bind unencrypted 'associated data' (headers, routing info) to the ciphertext's authentication tag. サイバーセキュリティの 暗号 カテゴリに属します。

A symmetric encryption primitive that provides confidentiality, integrity, and authenticity in one operation, with the ability to bind unencrypted 'associated data' (headers, routing info) to the ciphertext's authentication tag.

Authenticated Encryption with Associated Data (AEAD) is the modern building block of symmetric cryptography. An AEAD scheme takes a key, a nonce, a plaintext, and arbitrary associated data (AD) and produces a ciphertext plus an authentication tag; on decryption it returns the plaintext only if the tag verifies, otherwise refusing. The associated data is authenticated but not encrypted, letting protocols bind unencrypted context such as packet headers, sequence numbers, or version metadata to the ciphertext without ever sending them encrypted. Compared to encrypt-then-MAC or MAC-then-encrypt compositions, AEAD eliminates whole classes of bugs (padding oracles, key reuse across MAC and cipher, ordering mistakes) and is what every modern protocol — TLS 1.3, QUIC, IPsec ESP-GCM, Signal, Noise, WireGuard, JWE — uses. The dominant AEAD schemes are AES-GCM and ChaCha20-Poly1305; nonce-misuse-resistant variants (AES-GCM-SIV) exist for use cases where the caller cannot guarantee unique nonces. Always prefer an AEAD over a homebrew encrypt-and-MAC composition.

AEAD (Authenticated Encryption with Associated Data) に対する防御は通常、上記の定義で述べたとおり、技術的統制と運用上の実践を組み合わせます。

一般的な別名: Authenticated encryption, AEAD scheme。