AES-256-GCM Encryption

TorrinPass encrypts all your sensitive data using AES-256-GCM, the same encryption standard used by governments and financial institutions worldwide.

What is AES-256-GCM?

AES (Advanced Encryption Standard)

Adopted by the U.S. government in 2001
Approved for TOP SECRET classified information
The most widely used symmetric encryption algorithm

256-bit Key

2^256 possible keys (a number with 77 digits)
Brute-force attack would take longer than the age of the universe
Quantum-resistant for the foreseeable future

GCM (Galois/Counter Mode)

Provides both confidentiality (encryption) and authenticity (tamper detection)
Detects if encrypted data has been modified
Industry standard for authenticated encryption

How We Use AES-256-GCM

Encryption Process

Plaintext Password
        ↓
Generate random 12-byte nonce
        ↓
Encrypt with AES-256-GCM using MEK
        ↓
Output: Nonce + Ciphertext + Auth Tag

Decryption Process

Encrypted Data (Nonce + Ciphertext + Tag)
        ↓
Verify Auth Tag (detect tampering)
        ↓
Decrypt with AES-256-GCM using MEK
        ↓
Plaintext Password

Security Properties

Confidentiality

Without the key, the encrypted data is indistinguishable from random noise.

Authenticity

The authentication tag ensures data hasn’t been modified. Any tampering is detected.

Unique Nonces

Every encryption uses a random 12-byte nonce, ensuring the same plaintext produces different ciphertext each time.

Implementation Details

Library: Apple CryptoKit (native iOS)
Key Size: 256 bits
Nonce Size: 96 bits (12 bytes)
Tag Size: 128 bits (16 bytes)

Why Not Other Algorithms?

Algorithm	Why Not?
AES-CBC	No built-in authentication
ChaCha20	AES has hardware acceleration on iOS
3DES	Deprecated, smaller key size
RSA	Too slow for bulk encryption