Advanced Encryption Standard (AES) is a method of securing data during transport to keep it safe. It’s often referred to as “military-grade” encryption because the United States government was the first to adopt it as the standard for securing data.
So, what is AES in cryptography?
AES is a complex cipher designed to encrypt data and keep it safe from prying eyes online. Experts consider AES to be the best encryption protocol available, and some say that it is uncrackable. It is also extremely fast and works invisibly to keep our information safe as we go about our workday.
AES was initially developed in 1998 by Belgian cryptographers Vincent Rijmen and Joan Daemen.
What does “advanced encryption” mean?
AES is a symmetric encryption that uses the same key to encrypt and decrypt data. What makes AES “advanced” is that it uses an SPN (substitution permutation network) algorithm that applies multiple rounds of encryption, making it impossible to break.
There are three lengths for AES encryption keys, each with a different number of possible combinations. The larger the number, the more combinations and the more secure the data:
- 128-bit key length: 3.4 x 1038
- 192-bit key length: 6.2 x 1057
- 256-bit key length: 1.1 x 1077
Advanced Encryption Standard 256 is the strongest, but vendors do not always use it due to the size and consumption of resources.
What is AES-256 encryption?
Advanced Encryption Standard 256 is the toughest encryption you can use, and it is virtually unbreakable because it uses a 256-bit encryption key.
256-bit AES uses a very long (256-bit) key to encrypt and decrypt each piece of data, securing it for transport. It would take millions of years to try all combinations, even using the most powerful computers we have today.
Encryption is the process of converting regular plain text to a code called a cipher. Decryption means converting it from the cipher back to plain text.
AES vs. DES encryption
Data Encryption Standard (DES) and AES use symmetric encryption, employing the same key for encryption and decryption alike. However, that is where the similarity ends.
Unlike AES, DES splits the data into two pieces and then works on encrypting each piece separately. It is also bit-oriented, whereas AES is byte-oriented.
DES, developed by IBM in 1977, is much older and slower. It uses a 56-bit key and does not offer any stronger options. DES encrypts data in 16 separate rounds.
AES is much more secure than DES, which has known vulnerabilities and can be broken. AES can encrypt 128 bits of plain text, but DES can only encrypt 64 bits of plain text. And while DES is inflexible, AES is flexible and efficient when used with hardware and software. DES is only efficient when used with hardware.
Where is Advanced Encryption Standard used?
Advanced Encryption Standard is used widely by many hardware and software companies for security across the internet.
Here are some of the currently used applications of AES 256:
- The US government uses AES encryption for secure communications and transfer of data.
- VPNs use AES to secure all communications between their clients and the data they are accessing.
- Most modern Wi-Fi networks use AES 256 to secure data.
- Mobile applications like Facebook, Instagram, Snapchat, and WhatsApp Messenger use AES to encrypt data and keep users safe.
- Compression tools like 7-Zip, WinZip, and RAR use AES to protect data when emailing or sharing it online.
- iPhone uses AES 256 to encrypt all areas of the phone that manage communications, online access, and security.
- Password managers also use AES to keep intruders out.
- Software companies use AES to protect programs while in use or when dormant.
- Cloud services like Google, AWS, and others use AES 256 to secure users’ data.
- Many hardware companies use AES 256 to secure access to devices and software.
- Email clients use AES 256 to keep email secure between senders and recipients.
The list above is only a tiny sampling of what AES is used for. Most web browsers, hard disks, backups, and file systems also use this type of encryption.
Understanding the AES Rijndael algorithm
The Rijndael (pronounced “rain doll”) is a symmetric key encryption scheme. It was developed by Vincent Rijmen and Joan Daemen and was named after the two of them.
Security experts measure the Rijndael algorithm’s success based on two principles:
- K-Secure: The algorithm has no weaknesses or vulnerabilities to known hacking attempts.
- Hermetic: Compared to other ciphers, it has no security weaknesses that other ciphers using the same key length have.
Some of the benefits of using the AES Rijndael encryption method are:
- It can safely be used on low-memory devices like cell phones and chips without impacting speed or resources.
- It uses relatively simple mathematical processes that anyone can understand.
- It’s also very flexible, allowing users to employ variable blocks and key lengths depending on the application.
How AES Rijndael encryption works
AES Rijndael encryption algorithm uses the substitution permutation network block to perform the encryption. It uses several rounds to complete the process. Here’s how it works:
- The algorithm generates a key (according to the length designated, 128, 192, or 256).
- Using a lookup table, the algorithm transforms each data byte to alternate characters from the table. It does this in a nonlinear fashion.
- The algorithm transposes the state matrix (data in the encryption process) by offsetting and cycling rows. For example, every element in the second row is shifted by one, the third row by two, and the fourth row by three states to the left. This process completely and systematically transposes characters, making them even more challenging to decrypt.
- The process applies multiplication, combining columns by a polynomial whose coefficient belongs to the finite field. Multiplication diffuses the cipher and transforms half of the ciphertext bits further.
- The final step is that the algorithm generates a subkey from the original key and adds it to the data using an XOR operation.
This complex and lengthy process results in data that is both secure and safe. Although the process is long, it takes milliseconds and is entirely transparent to the user.
As a technology user, you probably use AES security every day, all day, without even knowing it. Thankfully, AES 256 secures most of our software and devices, keeping our data safe and secure. Whenever possible, opt-in for using AES 256 to secure your devices and apps.
This is an independent publication, and it has not been authorized, sponsored, or otherwise approved by Apple Inc. iPhone is a trademark of Apple Inc.