The result of the encryption stored/sent is nonce, ciphertext, mac
    In reality - for simpler applications very often we see the encryption output
    composed as IV (nonce) || ciphertext || MAC (as concatenation) for AES.
    AEAD mode, based on AES, such as AES-GCM or AES-GCM-SIV, does not need a MAC to verify ciphertext integrity
    IV (nonce) and MAC are having fixed length,
    so you can cut them out and use the parameters for decryption.

    The nonce is an acronym for 'number used once'.
    The crucial point is that one must **never use the (Key, nonce) pair again**.
    We call it nonce-misuse. If it occurs, the confidentiality is lost
    as the attacker can use the crib-dragging technique to reveal the two plaintexts

    See rules and Java examples at https://gusto77.wordpress.com/2017/10/30/encryption-reference-project/

    Rules to follow:
    don’t invent your own crypto !!!!!!!
    password is not key
    cut one of your fingers for each time you reuse a nonce