Updated: 2021-02-21


AES: Advanced Encryption Standard.

  • successor of Data Encryption Standard (DES)
  • symmetric-key algorithm
  • can be accelerated by hardware (like graphics can be accelerated by GPU), supported by instruction set extensions in Intel Core i3/i5/i7, AMD Ryzen CPUs, ARMv8.


  • AE: Authenticated Encryption
  • AEAD: Authenticated Encryption with Associated Data

AEAD: authenticity (who the sender is) and integrity (the data has not been tampered with) of that data, but not its secrecy


  • AEAD: encrypts data and ensures the authenticity
  • MAC: does not encrypt, but ensures that data is authentic


  • MAC: message authentication code. (A.k.a a tag)
  • HMAC: hash-based message authentication code, using a cryptographic hash function like SHA-3, which results in a name like HMAC-SHA3-256.

Purpose: confirm (1) the message came from the stated sender (2) the message has not been changed.

Cryptographic hash function

Or Message Digest

  • transform a sequence of bits into a fixed sequence of bits.
  • a one-way, non-invertible function

Input and output:

  • input data: message(any string)
  • output: message digest(the hash value).

Methods: (SHA = Secure Hash Algorithm)

  • SHA-1 (1995): 160-bit (20-byte). Deprecated. All major browsers stopped accepting SHA-1 SSL certificates by 2017.
  • SHA-2 (2001): a family of six hash functions, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256 (numbers are num of bits).
  • SHA-3 (2015): SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, SHAKE256
  • MD5: 128bit, used as a checksum to verify data integrity, but only against unintentional corruption.


  • SHA-224 and SHA-256 share the same specification, but use different initial hash values, and the final hash value is truncated to 224 bits for SHA-224.
  • similar to SHA-512, SHA-384, SHA-512/224 and SHA-512/256, except that the final hash value is truncated to 224 bits for SHA-512/224, 256 bits for SHA- 512/256 or 384 bits for SHA-384.
  • SHA-256 is faster on 32-bit hardware


Most Android devices have hardware support for AES via ARMv8 Cryptography Extensions. However for low-end devices, this is not supported, AES is slow.

Adiantum is Google's solution, which uses uses a fast hash (NH + Poly1305) and a fast stream cipher (XChaCha12).