I am planning to use AES encryption in GCM mode for protecting data at

Question

0

Asked: June 10, 20262026-06-10T02:16:16+00:00 2026-06-10T02:16:16+00:00

I am planning to use AES encryption in GCM mode for protecting data at

0

I am planning to use AES encryption in GCM mode for protecting data at rest for my application.

I went through the NIST recommendations for GCM mode. It mentions that the uniqueness of IV is very important. It says that if the (key, IV) pair is repeated, an adversary can construct cipher-text forgery.

Now the design of the application is such that whenever the user accesses data, the entire database is decrypted and loaded into the memory. On closing the application, the data is encrypted and persisted into the db.

What are the best ways of generating and handling IVs in this scenario?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-10T02:16:18+00:00

Editorial Team

2026-06-10T02:16:18+00:00Added an answer on June 10, 2026 at 2:16 am

You will need a new NONCE each time you encrypt, you should not encrypt with the same NONCE even if is the same field. It’s best to start each encryption with a fresh, randomly generated IV and prepend this random to the ciphertext. If you don’t you are likely to leak data, even the entire plain text.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am planning to use AES encryption in GCM mode for protecting data at

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply