The result of the encryption stored/sent is nonce, ciphertext, mac
In reality - for simpler applications very often we see the encryption output
composed as IV (nonce) || ciphertext || MAC (as concatenation) for AES.
AEAD mode, based on AES, such as AES-GCM or AES-GCM-SIV, does not need a MAC to verify ciphertext integrity
IV (nonce) and MAC are having fixed length,
so you can cut them out and use the parameters for decryption.
The nonce is an acronym for 'number used once'.
The crucial point is that one must **never use the (Key, nonce) pair again**.
We call it nonce-misuse. If it occurs, the confidentiality is lost
as the attacker can use the crib-dragging technique to reveal the two plaintexts
See rules and Java examples at https://gusto77.wordpress.com/2017/10/30/encryption-reference-project/
Rules to follow:
don’t invent your own crypto !!!!!!!
password is not key
cut one of your fingers for each time you reuse a nonce
