GCM encryption Mode support RRS feed

  • Question

  • According to GCM Mode is not supported within .NET.  Looks like CBC is the default mode.  Is there any native within .NET for GCM mode at this time?
    Monday, August 17, 2015 3:42 PM


  • Hi MichaelJamesA,

    Here is a blog talking about Authenticated Symmetric Encryption in .NET


    The authentication tag is generated by an authenticated chaining algorithm, which is used in place of the standard chaining modes that AES can use (such as CBC or ECB).  Currently CNG supports two algorithms for generating an authentication tag with AES:

    1. Galois/Counter Mode - this is the default, and is represented by CngChainingMode.Gcm.  (
    2. Coutner with CBC-MAC - this is selected by using CngChainingMode.Ccm.  (


    The following link is a symmetric encryption/decryption routine using AES in GCM mode.

    Hope this helps.

    Note: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. 

    Microsoft does not control these sites and has not tested any software or information found on these sites;Therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.

    There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.

    Best regards,


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, August 18, 2015 8:43 AM