auth_en/decrypt: Add explanation and more efficient decryption

Added an explanation that what we do is like normal CBC but that we
additionally encrypt the IV which is actually suggested by the NIST for
non-random (but unique) IVs. In the decryption process it's not
necessary to decrypt the IV, this should save some time.