Security also: Authenticated Encryption with Associated Data

AEAD

Encryption that integrates confidentiality and integrity in one operation.

In plain terms

AES-GCM and ChaCha20-Poly1305 are the canonical examples. Replaces the error-prone "encrypt-then-MAC" composition that gave us Lucky13, BEAST, and POODLE. Every TLS 1.3 cipher suite is AEAD.

Origin

Phillip Rogaway named the formal construction in 2002 ("Authenticated-Encryption with Associated-Data"). RFC 5116 standardised the interface in 2008. AES-GCM and ChaCha20-Poly1305 dominate production today.

Where it shows up in production

TLS 1.3 Every cipher suite is AEAD — non-AEAD modes (CBC + HMAC) were removed from the spec entirely.
WireGuard ChaCha20-Poly1305 for the data channel; chosen for speed on devices without AES-NI hardware.
Signal Protocol Double Ratchet messages are AEAD-sealed — the primitive every modern E2E messenger relies on.

On Semicolony

Guide https

Sources & further reading

Paper Rogaway — Authenticated-Encryption with Associated-Data (2002)
RFC RFC 5116 — Interface and Algorithms for AEAD

Found this useful?