Data Encryption Workflow
Encrypt sensitive data with AES, manage encryption keys securely, and verify with HMAC.
이 레시피 활용 시점
Protect sensitive data at rest — user PII, payment information, health records. AES-256-GCM provides authenticated encryption, and HMAC adds an additional integrity layer.
단계
Secret Generator
이 도구 사용해보기 →Create a strong encryption key
AES Encryption
이 도구 사용해보기 →Encrypt the data
HMAC Generator
이 도구 사용해보기 →Add integrity protection
자주 묻는 질문
Why use AES-GCM instead of AES-CBC?
GCM provides authenticated encryption — it detects if the ciphertext was tampered with. CBC requires a separate MAC (like HMAC) for integrity, making GCM simpler and more secure.
How should I store encryption keys?
Never store keys alongside encrypted data. Use a key management service (KMS) like AWS KMS, HashiCorp Vault, or environment variables for development.
관련 레시피
Secure Password Workflow
Generate a strong password, verify its strength, and hash it for storage — a complete password security pipeline.
Web Security Header Audit
Audit your website's security headers, generate a CSP policy, evaluate it, and configure CORS.
JWT Authentication Setup
Set up JWT-based authentication: generate tokens, create signing keys, and implement TOTP for 2FA.
API Security Hardening
Harden your API with HMAC request signing, secure secrets, and SRI for client-side integrity.