Leaderboard

To build on that, AES can even be found in ARM CPUs nowadays, especially those supporting aarch64. To answer Mr. Mas99's question about what the more secure cipher is, it's ChaCha20-Poly1305. For performance and, as written, with availability of AES instruction sets in CPUs, AES-256-GCM should be preferred. CBC should not be used. Compared to AES, ChaCha20 is more resilient against certain kinds of attacks. For example, AES can be attacked with a carefully built timing-based attack in software. Some cryptographically interesting characteristics of AES render it slightly more prone for collision attacks, too. ChaCha20 solves those problems at least. In the end, abusing this is still quite an ordeal, so AES is still a good choice. About CBC vs. GCM, both XOR ("randomize") the plaintext, but in different ways. CBC XORs the plaintext with the preceding cipherblock (hence the name Cipher Block Chaining) and encrypts that. An attacker would know the previous cipherblock, though, and the ciphertext depends on that data. GCM maintains something like a counter, an internal variable, and encrypts this, then XORs it with the plaintext. An attacker can't know this internal variable on which the ciphertext depends, therefore, GCM offers inherited security.

CHACHA and AES are both super strong. CHACHA is more efficient on phones and so may give you better speeds and longer battery life. AES is more efficient on most computers because computers now are built with the AES-NI New Instruction set hardware extensions to support encryption. Google on how to verify your computer CPU has the AES-NI feature. The CBC alternative is also plenty strong but IIRC (my memory is always a question) differs in some details of initial negotiation that make GCM the slightly better alternative. Plenty of comparisons online if you want more.