gitwtfhub

wtf is gcm-nonceless?

eternal-flame-ad/gcm-nonceless — explained in plain English

Analysis updated 2026-07-17 · repo last pushed 2025-11-22

1RustAudience · researcherComplexity · 3/5QuietSetup · moderate

TL;DR

A Rust tool that recovers lost nonces for AES-GCM encrypted data when you have the key but lost the nonce. Built for security researchers and forensics experts to salvage encrypted data.

Mindmap

mindmap
  root((repo))
    What it does
      Recovers lost AES-GCM nonces
      Reverses encryption math
      Decrypts without stored nonce
    Tech stack
      Rust
      AES-GCM crypto
    Use cases
      Recover old encrypted backups
      Forensics on lost nonce data
      Study encryption failures
    Audience
      Security researchers
      Forensics experts
    Tradeoffs
      Strips integrity guarantees
      Sketchy cryptanalysis
      Research use only

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Why would anyone build with this?

REASON 1

Recover encrypted data from an old backup or database where you have the key but lost the separately stored nonce.

REASON 2

Study how AES-GCM encryption systems fail when critical pieces like the nonce go missing.

REASON 3

Perform forensic analysis on encrypted data where the nonce was not recorded alongside the ciphertext.

What's in the stack?

RustAES-GCM

How it stacks up

eternal-flame-ad/gcm-noncelessabc3dz/mixxxabyo-software/ferro-stash
Stars111
LanguageRustRustRust
Last pushed2025-11-22
MaintenanceQuiet
Setup difficultymoderatemoderatemoderate
Complexity3/52/54/5
Audienceresearchergeneralops devops

Figures from each repo's GitHub metadata at analysis time.

How do you spin it up?

Difficulty · moderate Time to first run · 30min

Requires Rust toolchain and familiarity with AES-GCM encryption parameters like key, ciphertext, and authentication tag.

The explanation does not mention a license, so the licensing terms are unknown.

Wtf does this do

This project is a specialized tool for recovering encrypted data when you've lost a critical piece of the decryption puzzle called a "nonce." AES-GCM is a popular encryption method that relies on a key, the actual message, and a nonce (a number used once) to scramble data. If you have the key but lose the nonce, you're normally stuck. This tool lets you work backwards and recover that missing nonce so you can decrypt your data. The tool takes the encryption key, the scrambled message, a short authentication tag, and any extra metadata, then reverses the math to figure out the missing piece. For the common 12-byte nonce format, it can pull the exact original value back out. For other sizes, it can still calculate what it needs to generate the right decryption stream and recover your data. This is explicitly for security researchers, forensics experts, and data salvage scenarios. The README gives a concrete example: recovering a hidden message with coordinates like "Meet me at 35.89278, 137.48028." You might use this if you're analyzing an old encrypted backup or database where the key is available but the nonce was stored separately and lost, or if you're studying how encryption systems fail when pieces go missing. A major tradeoff: the tool's own README warns this is "super sketchy cryptanalysis" that strips away the integrity and authenticity guarantees that make AES-GCM secure. It's labeled as hazardous for anything beyond research and forensics. Once you use this approach, you can read the data, but you lose the mathematical proof that it hasn't been tampered with.

Yoink these prompts

Prompt 1
Help me write a Rust script that uses this gcm-nonceless tool to recover a lost 12-byte nonce from AES-GCM encrypted data, given I have the key, ciphertext, and authentication tag.
Prompt 2
Walk me through setting up and running the gcm-nonceless recovery tool on an encrypted backup where I have the AES-GCM key and ciphertext but the nonce was stored in a separate lost database table.
Prompt 3
I have an AES-GCM encrypted message with a non-standard nonce size and I still have the key and auth tag. Show me how to use this tool to recover the decryption stream and read the plaintext.

Frequently asked questions

wtf is gcm-nonceless?

A Rust tool that recovers lost nonces for AES-GCM encrypted data when you have the key but lost the nonce. Built for security researchers and forensics experts to salvage encrypted data.

What language is gcm-nonceless written in?

Mainly Rust. The stack also includes Rust, AES-GCM.

Is gcm-nonceless actively maintained?

Quiet — no commits in 6-12 months (last push 2025-11-22).

What license does gcm-nonceless use?

The explanation does not mention a license, so the licensing terms are unknown.

How hard is gcm-nonceless to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is gcm-nonceless for?

Mainly researcher.

View the repo → Decode another repo

This repo across BitVibe Labs

Don't trust strangers blindly. Verify against the repo.