Encrypt, Decrypt & Verify
Full encryption lifecycle: generate key, encrypt data with AES, hash for integrity, and verify the pipeline.
이 레시피 활용 시점
Demonstrates the full encrypt-then-MAC pattern for data protection. Essential understanding for implementing secure data storage and transmission.
단계
Secret Generator
이 도구 사용해보기 →Create encryption key and IV
AES Encryption
이 도구 사용해보기 →Encrypt the sensitive data
Hash Calculator
이 도구 사용해보기 →Create integrity checksum
HMAC Generator
이 도구 사용해보기 →Add authenticated integrity
자주 묻는 질문
What is encrypt-then-MAC?
Encrypt the plaintext first, then compute a MAC (HMAC) over the ciphertext. The receiver verifies the MAC before decrypting, preventing padding oracle and other attacks.
Why not just use AES-GCM instead?
AES-GCM combines encryption and authentication in one step (AEAD). It is preferred over manual encrypt-then-MAC. This recipe demonstrates the concept; use GCM in production.
관련 레시피
Secure Password Workflow
Generate a strong password, verify its strength, and hash it for storage — a complete password security pipeline.
Web Security Header Audit
Audit your website's security headers, generate a CSP policy, evaluate it, and configure CORS.
JWT Authentication Setup
Set up JWT-based authentication: generate tokens, create signing keys, and implement TOTP for 2FA.
API Security Hardening
Harden your API with HMAC request signing, secure secrets, and SRI for client-side integrity.