- add SHA256 or Blake2b hash of plaintext to metadata during encryption - verify the hash during decryption
