implementing-aes-encryption-for-data-at-rest▌
mukul975/Anthropic-Cybersecurity-Skills · updated May 25, 2026
MDX-style export adds YAML metadata + attribution linking explainx.ai and this canonical listing URL.
AES (Advanced Encryption Standard) is a symmetric block cipher standardized by NIST (FIPS 197) used to protect classified and sensitive data. This skill covers implementing AES-256 encryption in GCM m
| name | implementing-aes-encryption-for-data-at-rest |
| description | AES (Advanced Encryption Standard) is a symmetric block cipher standardized by NIST (FIPS 197) used to protect classified and sensitive data. This skill covers implementing AES-256 encryption in GCM m |
| domain | cybersecurity |
| subdomain | cryptography |
| tags | - cryptography - encryption - aes - data-at-rest - symmetric-encryption |
| version | '1.0' |
| author | mahipal |
| license | Apache-2.0 |
| nist_csf | - PR.DS-01 - PR.DS-02 - PR.DS-10 |
Implementing AES Encryption for Data at Rest
Overview
AES (Advanced Encryption Standard) is a symmetric block cipher standardized by NIST (FIPS 197) used to protect classified and sensitive data. This skill covers implementing AES-256 encryption in GCM mode for encrypting files and data stores at rest, including proper key derivation, IV/nonce management, and authenticated encryption.
When to Use
- When deploying or configuring implementing aes encryption for data at rest capabilities in your environment
- When establishing security controls aligned to compliance requirements
- When building or improving security architecture for this domain
- When conducting security assessments that require this implementation
Prerequisites
- Familiarity with cryptography concepts and tools
- Access to a test or lab environment for safe execution
- Python 3.8+ with required dependencies installed
- Appropriate authorization for any testing activities
Objectives
- Implement AES-256-GCM encryption and decryption for files
- Derive encryption keys from passwords using PBKDF2 and Argon2
- Manage initialization vectors (IVs) and nonces securely
- Encrypt and decrypt entire directory trees
- Implement authenticated encryption to detect tampering
- Handle large files with streaming encryption
Key Concepts
AES Modes of Operation
| Mode | Authentication | Parallelizable | Use Case |
|---|---|---|---|
| GCM | Yes (AEAD) | Yes | Network data, file encryption |
| CBC | No | Decrypt only | Legacy systems, disk encryption |
| CTR | No | Yes | Streaming encryption |
| CCM | Yes (AEAD) | No | IoT, constrained environments |
Key Derivation
Never use raw passwords as encryption keys. Always derive keys using:
- PBKDF2: NIST-approved, widely supported (minimum 600,000 iterations as of 2024)
- Argon2id: Winner of Password Hashing Competition, memory-hard
- scrypt: Memory-hard, good alternative to Argon2
Nonce/IV Management
- GCM requires a 96-bit (12-byte) nonce that must NEVER be reused with the same key
- Generate nonces using
os.urandom()(CSPRNG) - Store nonce alongside ciphertext (it is not secret)
Workflow
- Install the
cryptographylibrary:pip install cryptography - Generate or derive an encryption key
- Create a random nonce for each encryption operation
- Encrypt data using AES-256-GCM with the key and nonce
- Store nonce + ciphertext + authentication tag together
- For decryption, extract nonce, verify tag, and decrypt
Encrypted File Format
[salt: 16 bytes][nonce: 12 bytes][ciphertext: variable][tag: 16 bytes]
Security Considerations
- Always use authenticated encryption (GCM, CCM) to prevent tampering
- Never reuse a nonce with the same key (catastrophic in GCM)
- Use at least 256-bit keys for long-term data protection
- Securely wipe keys from memory after use when possible
- Rotate encryption keys periodically per organizational policy
- For disk-level encryption, consider XTS mode (AES-XTS)
Validation Criteria
- AES-256-GCM encryption produces valid ciphertext
- Decryption recovers original plaintext exactly
- Authentication tag detects any ciphertext modification
- Key derivation uses sufficient iterations/parameters
- Nonces are never reused for the same key
- Large files (>1GB) can be processed via streaming
- Encrypted file format includes all necessary metadata
How to use implementing-aes-encryption-for-data-at-rest on Cursor
AI-first code editor with Composer
Prerequisites
Before installing skills in Cursor, ensure your development environment meets these requirements:
- ›Cursor installed and configured on your development machine
- ›Node.js version 16.0+ with npm package manager (verify with
node --version) - ›Active project directory or workspace where you want to add implementing-aes-encryption-for-data-at-rest
Execute installation command
Execute the skills CLI command in your project's root directory to begin installation:
The skills CLI fetches implementing-aes-encryption-for-data-at-rest from GitHub repository mukul975/Anthropic-Cybersecurity-Skills and configures it for Cursor.
Select Cursor when prompted
The CLI will show a list of available agents. Use arrow keys to navigate and space to select Cursor:
Verify installation
Confirm successful installation by checking the skill directory location:
Reload or restart Cursor to activate implementing-aes-encryption-for-data-at-rest. Access the skill through slash commands (e.g., /implementing-aes-encryption-for-data-at-rest) or your agent's skill management interface.
Security & Verification Notice
We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.
Skills execute code in your development environment. Always verify the publisher's identity, review recent commits, and test in isolated environments before production deployment.
List & Monetize Your Skill
Submit your Claude Code skill and start earning
Use Cases▌
Exploratory Data Analysis
Quickly understand datasets, identify patterns, and generate insights
Example
Analyze CSV with 100K rows, identify outliers, visualize correlations, suggest hypotheses
Reduce EDA time from hours to minutes, uncover insights faster
Data Cleaning & Transformation
Write scripts to clean messy data, handle missing values, normalize formats
Example
Generate Python/SQL to fix date formats, impute missing values, remove duplicates
Automate 80% of data preprocessing work
Statistical Analysis
Perform hypothesis testing, regression, and statistical modeling
Example
Run A/B test analysis, calculate confidence intervals, interpret p-values
Get statistically sound analysis without PhD in statistics
Data Visualization
Create charts, dashboards, and visual reports
Example
Generate matplotlib/seaborn code for time series plots, distribution charts, heatmaps
Build presentation-ready visualizations 3x faster
Implementation Guide▌
Prerequisites
- ›Claude Desktop or compatible AI client
- ›Python environment (pandas, numpy, matplotlib) or SQL database access
- ›Basic understanding of data analysis concepts
- ›Sample datasets for testing skill capabilities
Time Estimate
20-40 minutes to set up and run first analysis
Installation Steps
- 1.Install data analysis skill using provided command
- 2.Prepare a sample dataset (CSV, JSON, or database connection)
- 3.Start with descriptive statistics: 'Summarize this dataset'
- 4.Progress to visualization: 'Create a scatter plot of X vs Y'
- 5.Advanced analysis: 'Run linear regression and interpret results'
- 6.Validate outputs: check calculations, verify visualizations make sense
- 7.Document analysis workflow for reproducibility
Common Pitfalls
- ⚠Not validating statistical assumptions before applying tests
- ⚠Accepting visualizations without checking data accuracy
- ⚠Overlooking data quality issues (missing values, outliers)
- ⚠Misinterpreting correlation as causation
- ⚠Using wrong statistical test for data distribution
- ⚠Not considering sample size and statistical power
Best Practices▌
✓ Do
- +Always validate data quality before analysis
- +Check statistical assumptions (normality, independence, etc.)
- +Visualize data before running statistical tests
- +Document analysis steps for reproducibility
- +Cross-validate findings with domain experts
- +Use skill for initial exploration, then dive deeper manually
- +Save generated code for reuse on similar datasets
✗ Don't
- −Don't trust analysis without verifying data quality
- −Don't apply statistical tests without checking assumptions
- −Don't make business decisions solely on AI-generated analysis
- −Don't ignore outliers without investigating cause
- −Don't skip data validation and sanity checks
- −Don't use for mission-critical financial or medical analysis without expert review
💡 Pro Tips
- ★Describe data context: 'This is user behavior data from e-commerce site'
- ★Ask for interpretation: 'What does this correlation mean for business?'
- ★Request multiple approaches: 'Show 3 ways to handle missing data'
- ★Combine AI analysis with domain expertise for best insights
- ★Use for rapid prototyping, then refine analysis manually
When to Use This▌
✓ Use When
Use for exploratory data analysis, data cleaning, statistical testing, visualization prototyping, and learning new analysis techniques. Best for initial exploration and rapid insights.
✗ Avoid When
Avoid for mission-critical financial analysis, medical research requiring regulatory compliance, production ML models, or when deep statistical expertise is required for nuanced interpretation.
Learning Path▌
- 1Basic: descriptive statistics, data cleaning, simple visualizations
- 2Intermediate: hypothesis testing, regression, correlation analysis
- 3Advanced: time series analysis, clustering, predictive modeling
- 4Expert: causal inference, experimental design, advanced statistical methods
Discussion
Product Hunt–style comments (not star reviews)- No comments yet — start the thread.
Ratings
4.8★★★★★43 reviews- ★★★★★Charlotte Kapoor· Dec 20, 2024
implementing-aes-encryption-for-data-at-rest fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
- ★★★★★Chaitanya Patil· Dec 16, 2024
implementing-aes-encryption-for-data-at-rest fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
- ★★★★★Mateo Brown· Dec 16, 2024
Registry listing for implementing-aes-encryption-for-data-at-rest matched our evaluation — installs cleanly and behaves as described in the markdown.
- ★★★★★Jin Abbas· Dec 8, 2024
I recommend implementing-aes-encryption-for-data-at-rest for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
- ★★★★★Jin Verma· Nov 27, 2024
implementing-aes-encryption-for-data-at-rest reduced setup friction for our internal harness; good balance of opinion and flexibility.
- ★★★★★Amelia Rao· Nov 11, 2024
implementing-aes-encryption-for-data-at-rest is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.
- ★★★★★Piyush G· Nov 7, 2024
implementing-aes-encryption-for-data-at-rest is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.
- ★★★★★Mateo Jackson· Nov 7, 2024
Useful defaults in implementing-aes-encryption-for-data-at-rest — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
- ★★★★★Shikha Mishra· Oct 26, 2024
Keeps context tight: implementing-aes-encryption-for-data-at-rest is the kind of skill you can hand to a new teammate without a long onboarding doc.
- ★★★★★Sofia Wang· Oct 26, 2024
I recommend implementing-aes-encryption-for-data-at-rest for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
showing 1-10 of 43