AES-GCM and breaking it on nonce reuse
An overview of this article (TL;DR)

TL;DR: AES-GCM is great, as long as every nonce (mnemonic: number used once) is truly unique. Once a nonce is reused, AES-GCM completely falls apart.

If you’ve ever worked with AES-GCM, you may have heard that reusing a nonce can lead to catastrophic security failures. In this post, we will look at how exactly all security guarantees of AES-GCM can be broken when a nonce is reused even once.

First, we’ll quickly go over AES, then explain AES-GCM in detail. We’ll ...
Read more at frereit.de
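The teaser above states that AES-GCM "completely falls apart" on nonce reuse without showing the mechanism. The Go program below is an added example, not code from the frereit.de article: it uses only the standard library's crypto/aes and crypto/cipher. It shows the confidentiality half of the failure (GCM's CTR keystream is a function of key and nonce alone, so two ciphertexts under one key and nonce XOR to the XOR of their plaintexts) and pairs it with one standard mitigation, a counter-based nonce generator that can never hand out the same value twice under a key and refuses to wrap. The key, nonce and messages are constructed demo values; the function and type names are this example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// sealGCM encrypts plaintext with AES-GCM (key: 16/24/32 bytes, nonce: 12 bytes)
// and returns ciphertext || 16-byte tag, as Go's cipher.AEAD does.
func sealGCM(key, nonce, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return aead.Seal(nil, nonce, plaintext, nil), nil
}

// xorBytes XORs a and b over their common length.
func xorBytes(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := 0; i < n; i++ {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// KeystreamRelation reports whether c1 XOR c2 == p1 XOR p2 over the common
// plaintext length. GCM encrypts with CTR mode, so when nonce1 == nonce2 the
// same keystream is applied to both messages and the relation always holds:
// anyone who knows one plaintext learns the other. With distinct nonces the
// keystreams are independent and the relation holds only by negligible chance.
func KeystreamRelation(key, nonce1, nonce2, p1, p2 []byte) (bool, error) {
	c1, err := sealGCM(key, nonce1, p1)
	if err != nil {
		return false, err
	}
	c2, err := sealGCM(key, nonce2, p2)
	if err != nil {
		return false, err
	}
	n := len(p1)
	if len(p2) < n {
		n = len(p2)
	}
	return bytes.Equal(xorBytes(c1[:n], c2[:n]), xorBytes(p1[:n], p2[:n])), nil
}

// NonceCounter is one mitigation: a 4-byte random prefix plus a 64-bit
// big-endian counter. Every nonce issued under a key is unique by construction,
// and the generator fails closed instead of wrapping around to a used value.
type NonceCounter struct {
	prefix [4]byte
	next   uint64
}

func NewNonceCounter() (*NonceCounter, error) {
	nc := &NonceCounter{}
	if _, err := rand.Read(nc.prefix[:]); err != nil {
		return nil, err
	}
	return nc, nil
}

// Next returns a fresh 12-byte nonce or an error once the counter is exhausted.
func (nc *NonceCounter) Next() ([]byte, error) {
	if nc.next == ^uint64(0) {
		return nil, errors.New("nonce counter exhausted: rotate the key")
	}
	nonce := make([]byte, 12)
	copy(nonce, nc.prefix[:])
	binary.BigEndian.PutUint64(nonce[4:], nc.next)
	nc.next++
	return nonce, nil
}

func main() {
	key := make([]byte, 32) // constructed demo key, never use a fixed key like this
	for i := range key {
		key[i] = byte(i)
	}
	reused := make([]byte, 12) // the same nonce used twice (constructed)
	p1 := []byte("transfer 100 USD to account A")
	p2 := []byte("transfer 900 USD to account B")

	leak, _ := KeystreamRelation(key, reused, reused, p1, p2)
	fmt.Println("same nonce, c1^c2 == p1^p2:", leak) // true

	nc, _ := NewNonceCounter()
	n1, _ := nc.Next()
	n2, _ := nc.Next()
	safe, _ := KeystreamRelation(key, n1, n2, p1, p2)
	fmt.Println("fresh nonces, c1^c2 == p1^p2:", safe) // false
}
```

The authentication side of the failure (recovery of the GHASH key from two tags under one nonce) is deliberately not reproduced here; the point for a defender is that the XOR relation alone already voids confidentiality, so nonce uniqueness must be enforced by construction, as the counter does, or by rotating the key well before a random 96-bit nonce has any realistic chance of repeating.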