
How to decrypt with a random nonce in AES encryption


I am new to cryptography. I need to encrypt a text using AES with some configuration:

Encryption mode: GCM
Key size: 256 bits
Nonce size: 96 bits
MAC size: 128 bits

As AES is a symmetric algorithm, I have a secret key. I googled and found:

nonce is a random number used to make sure a message is unique

But I have a doubt: how can I perform decryption if the nonce is a random number? Do I need to store the nonce along with each encryption? Or is there any other way, where I need to split the nonce, cipher and MAC using the key? How can I use the provided configuration for encryption?


Solution

  • But I have a doubt: how can I perform decryption if the nonce is a random number? Do I need to store the nonce along with each encryption?

    Yes, the result of the encryption that is stored/sent is the nonce, ciphertext and MAC.

    how can I perform decryption if the nonce is a random number

    The nonce is randomly generated when encrypting the input, and the nonce is then passed along with the ciphertext (very often the nonce is prepended as the first block). Indeed, you need THE SAME nonce value when decrypting, so the nonce is part of the input for decryption, not random.

    or any other way, where I need to split the nonce, cipher and MAC using the key. How can I use the provided configuration for encryption?

    There is a standardized message format for encrypted documents or encrypted XML messages, but these are pretty pretty complex.

    In reality, for simpler applications, we very often see the encryption output composed as IV || ciphertext || MAC (as a concatenation). The IV and MAC have a fixed length, so you can cut them out and use the parameters for decryption.

    Decryption is happening on a different machine and in a different language. They have shared only a key for encryption; the same key is used for decryption. If I add any random value as the nonce, then how will they know what logic I have used for the nonce?

    It doesn't matter as long as you provide the same input. As already mentioned, you may pass the IV (nonce) as part of the message and, before decryption, separate the nonce and the original ciphertext.

    BTW: I have a few encryption examples linked
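
The IV || ciphertext || MAC layout from the answer, with the question's parameters (256-bit key, 96-bit nonce, 128-bit MAC), as an added example in Go that is not code from the original post. The function names `Encrypt`, `Decrypt` and `newGCM` and the fixed-size key type are choices made for this illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

const nonceSize, tagSize = 12, 16 // 96-bit nonce, 128-bit MAC (GCM tag)
func newGCM(key *[32]byte) (cipher.AEAD, error) { // *[32]byte forces a 256-bit key
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block) // standard GCM: 12-byte nonce, 16-byte tag
}

// Encrypt returns nonce || ciphertext || tag, with a fresh random nonce per call.
func Encrypt(key *[32]byte, plaintext []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, nonceSize)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil // appends ciphertext||tag to nonce
}

// Decrypt cuts the fixed-length nonce off the front; Open verifies the trailing tag.
func Decrypt(key *[32]byte, msg []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(msg) < nonceSize+tagSize {
		return nil, fmt.Errorf("message shorter than nonce + tag")
	}
	return aead.Open(nil, msg[:nonceSize], msg[nonceSize:], nil)
}

func main() {
	var key [32]byte // constructed all-zero demo key, for illustration only
	msg, _ := Encrypt(&key, []byte("hello"))
	pt, err := Decrypt(&key, msg)
	fmt.Println(len(msg), string(pt), err)
}
```

A receiver in another language reads the first 12 bytes as the nonce and, if its GCM API takes the tag separately, the last 16 bytes as the tag. Only the key has to be shared in advance.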