Primitive auswählen
Mit Sammlungen den Überblick behalten
Sie können Inhalte basierend auf Ihren Einstellungen speichern und kategorisieren.
Wählen Sie Ihren Anwendungsfall aus, um das richtige Primitive zu ermitteln, und folgen Sie dann dem Link, um eine Anleitung zur Verwendung des Primitiven zu erhalten.
Daten verschlüsseln…
Mit diesen Primitiven kann Geheimtext an seinen Kontext gebunden werden.
Authentizität und Integrität von Daten sicherstellen durch…
Verschiedenes
Hast du Fragen?
Erstellen Sie ein Problem im sprachspezifischen GitHub-Repository, das auf der Organisationsseite von Tink verlinkt ist.
Sofern nicht anders angegeben, sind die Inhalte dieser Seite unter der Creative Commons Attribution 4.0 License und Codebeispiele unter der Apache 2.0 License lizenziert. Weitere Informationen finden Sie in den Websiterichtlinien von Google Developers. Java ist eine eingetragene Marke von Oracle und/oder seinen Partnern.
Zuletzt aktualisiert: 2025-07-25 (UTC).
[null,null,["Zuletzt aktualisiert: 2025-07-25 (UTC)."],[[["\u003cp\u003eTink provides cryptographic primitives for encrypting data, ensuring authenticity and integrity, and managing keys, categorized by use case for easy selection.\u003c/p\u003e\n"],["\u003cp\u003eDevelopers can choose from primitives like AEAD, Streaming AEAD, Deterministic AEAD, KMS Envelope AEAD, and Hybrid Encryption for data encryption with varying features and functionalities.\u003c/p\u003e\n"],["\u003cp\u003eMAC and Digital Signature primitives are available for verifying data integrity and authenticity, with different verification mechanisms.\u003c/p\u003e\n"],["\u003cp\u003eTink supports JSON Web Tokens (JWTs) and offers KMS-Encrypted Primitives for advanced key management scenarios.\u003c/p\u003e\n"],["\u003cp\u003eDetailed guidance on primitive usage is accessible via linked documentation for each specific implementation.\u003c/p\u003e\n"]]],["The content outlines cryptographic primitives based on use cases. For encrypting data, options include AEAD for standard needs, Streaming AEAD for large data, Deterministic AEAD for consistent ciphertexts, KMS Envelope AEAD for key protection, and Hybrid Encryption for public/private key scenarios. For data integrity and authenticity, MACs and Digital Signatures are available. Additional primitives include JWTs, and KMS-encrypted primitives for securing keysets. All encryption methods allow binding ciphertext to context. Questions can be raised in the GitHub repository.\n"],null,["# Choose a primitive\n\nSelect your use case to identify the correct primitive, then follow the link for\nguidance on using the primitive.\n\nEncrypt data...\n---------------\n\n| | Primitive | Details |\n|--------------------------------------------------------------------------------|----------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------|\n| [...in standard sizes](/tink/encrypt-data) | **Authenticated Encryption with Associated Data (AEAD)** | - Suitable for most needs - Accepts plaintexts up to 2^32^ bytes - Provides plaintext confidentiality and verifies integrity and authenticity |\n| [...in large files or data streams](/tink/encrypt-large-files-or-data-streams) | **Streaming AEAD** | - For data that is too large to be processed in a single step |\n| [...deterministically](/tink/deterministic-encryption) | **Deterministic AEAD** | - Produces same ciphertext for a given plaintext and key |\n| [...with keys protected by a KMS](/tink/client-side-encryption) | **Key Management System (KMS) Envelope AEAD** | - Encrypts every plaintext with new AEAD key - Encrypts every AEAD key with KMS |\n| [...with public key, decrypt data with private key](/tink/exchange-data) | **Hybrid Encryption** | - Not authenticated - Useful when senders cannot store secrets (private key) |\n\nThese primitives are all able to [bind ciphertext to its\ncontext](/tink/bind-ciphertext).\n\nEnsure authenticity and integrity of data by...\n-----------------------------------------------\n\n| | Primitive | Details |\n|------------------------------------------------------------------------------------------------|---------------------------------------|-------------------------------------------------------------------|\n| [...creating and verifying MAC with one key](/tink/protect-data-from-tampering) | **Message Authentication Code (MAC)** | - Very fast - Only verifiable by parties who can also create MACs |\n| [...creating signature with private key, verifying with public key](/tink/digitally-sign-data) | **Digital Signature** | - Verifiable by parties who cannot create signatures |\n\nMiscellany\n----------\n\n| | Primitive | Details |\n|-------------------------------------------------------------------------------------------|-----------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|\n| [Create and verify JWTs](/tink/create-jwts) | **JSON Web Tokens (JWTs)** | - Can additionally convert to / from JSON Web Key (JWK) format |\n| [Encrypt any primitive's keyset with a KMS](/tink/key-management-overview#encrypt_keyset) | **KMS-Encrypted Primitive** | - Doesn't require interacting with the KMS every time the primitive is used (e.g. to encrypt a plaintext), unlike [KMS Envelope AEAD](#encrypt_data) |\n\nHave a question?\n----------------\n\nCreate an issue in the language-specific GitHub repository linked on the [Tink\norganization page](https://github.com/tink-crypto)."]]
