The Advanced Encryption Standard, or AES, is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.
The National Institute of Standards and Technology (NIST) started development of AES in 1997 when it announced the need for a successor algorithm for the Data Encryption Standard (DES), which was starting to become vulnerable to brute-force attacks.
This new, advanced encryption algorithm would be unclassified and had to be "capable of protecting sensitive government information well into the next century," according to the NIST announcement of the process for development of an advanced encryption standard algorithm. It was intended to be easy to implement in hardware and software, as well as in restricted environments (for example, in a smart card) and offer good defenses against various attack techniques.
The selection process for this new symmetric key algorithm was fully open to public scrutiny and comment; this ensured a thorough, transparent analysis of the designs submitted.
NIST specified the new advanced encryption standard algorithm must be a block cipher capable of handling 128 bit blocks, using keys sized at 128, 192, and 256 bits; other criteria for being chosen as the next advanced encryption standard algorithm included:
Fifteen competing symmetric key algorithm designs were subjected to preliminary analysis by the world cryptographic community, including the National Security Agency (NSA). In August 1999, NIST selected five algorithms for more extensive analysis. These were:
Implementations of all of the above were tested extensively in ANSIC and Java languages for speed and reliability in encryption and decryption; key and algorithm setup time; and resistance to various attacks, both in hardware- and software-centric systems. Members of the global cryptographic community conducted detailed analyses (including some teams that tried to break their own submissions).
After much feedback, debate and analysis, the Rijndael cipher -- a mash of the Belgian creators' last names Daemen and Rijmen -- was selected as the proposed algorithm for AES in October 2000 and published by NIST as U.S. FIPS PUB 197. The Advanced Encryption Standard became effective as a federal government standard in 2002. It is also included in the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 18033-3 standard, which specifies block ciphers for the purpose of data confidentiality.
In June 2003, the U.S. government announced that AES could be used to protect classified information, and it soon became the default encryption algorithm for protecting classified information as well as the first publicly accessible and open cipher approved by the NSA for top-secret information. The NSA chose AES as one of the cryptographic algorithms to be used by its Information Assurance Directorate to protect national security systems.
Its successful use by the U.S. government led to widespread use in the private sector, leading AES to become the most popular algorithm used in symmetric key cryptography. The transparent selection process helped create a high level of confidence in AES among security and cryptography experts. AES is more secure than its predecessors -- DES and 3DES -- as the algorithm is stronger and uses longer key lengths. It also enables faster encryption than DES and 3DES, making it ideal for software applications, firmware and hardware that require either low latency or high throughput, such as firewalls and routers. It is used in many protocols such as Secure Sockets Layer (SSL)/Transport Layer Security (TLS) and can be found in most modern applications and devices that need encryption functionality.
AES comprises three block ciphers: AES-128, AES-192 and AES-256. Each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128-, 192- and 256-bits, respectively. The Rijndael cipher was designed to accept additional block sizes and key lengths, but for AES, those functions were not adopted.
Symmetric (also known as secret-key) ciphers use the same key for encrypting and decrypting, so the sender and the receiver must both know -- and use -- the same secret key. All key lengths are deemed sufficient to protect classified information up to the "Secret" level with "Top Secret" information requiring either 192- or 256-bit key lengths. There are 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys -- a round consists of several processing steps that include substitution, transposition and mixing of the input plaintext and transform it into the final output of ciphertext.
The AES encryption algorithm defines a number of transformations that are to be performed on data stored in an array. The first step of the cipher is to put the data into an array; after which the cipher transformations are repeated over a number of encryption rounds. The number of rounds is determined by the key length, with 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys.
The first transformation in the AES encryption cipher is substitution of data using a substitution table; the second transformation shifts data rows, the third mixes columns. The last transformation is a simple exclusive or (XOR) operation performed on each column using a different part of the encryption key -- longer keys need more rounds to complete.
Research into attacks on AES encryption has continued since the standard was finalized in 2000. Various researchers have published attacks against reduced-round versions of the Advanced Encryption Standard.
In 2005, cryptographer Daniel J. Bernstein published a paper, "Cache-timing attacks on AES," in which he demonstrated a timing attack on AES capable of achieving a "complete AES key recovery from known-plaintext timings of a network server on another computer."
A research paper published in 2011, titled "Biclique Cryptanalysis of the Full AES," by researchers Andrey Bogdanov, Dmitry Khovratovich, and Christian Rechberger, demonstrated that by using a technique called a biclique attack, they could recover AES keys faster than a brute-force attack by a factor of between three and five, depending on the cipher version. However, even this attack does not threaten the practical use of AES due to its high-computational complexity.
AES has proven to be a reliable cipher, and the only practical successful attacks against AES have leveraged side-channel attacks on weaknesses found in the implementation or key management of specific AES-based encryption products.
Side-channel attacks exploit flaws in the way a cipher has been implemented rather than brute force or theoretical weaknesses in a cipher. The Browser Exploit Against SSL/TLS (BEAST) browser exploit against the TLS v1.0 protocol is a good example; TLS can use AES to encrypt data, but due to the information that TLS exposes, attackers managed to predict the initialization vector block used at the start of the encryption process.
- Best Encryption Software in 2020 - Latest Quadrant Ranking Released by 360Quadrants - PRNewswire - September 30th, 2020
- 4 Reasons Why Encryption Is a Must for Data Protection - CIOReview - September 30th, 2020
- Prospective Node Operators Stake $125M in ETH to Participate in NuCypher Encryption Network - CoinDesk - Coindesk - September 30th, 2020
- Fortanix Partners with VMware to Enable Cloud Service Providers to Deliver Data Security as a Service - GlobeNewswire - September 30th, 2020
- SanDisks latest portable SSDs have boosted speed and security - The Verge - September 30th, 2020
- What Facebook users need to know about end-to-end encryption - Fast Company - September 30th, 2020
- Whats really up with your secure WhatsApp chats - Mint - September 30th, 2020
- Hardware Encryption Technology Market Trends Together With Growth Forecast To 2026 - The Daily Chronicle - September 30th, 2020
- Global Cloud Encryption Market- Industry Analysis and forecast 2020 2027: By Industrial verticals, Services, and Region. - Unica News - September 30th, 2020
- Global Hardware-based Full Disk Encryption (FDE) Market to Witness a Pronounce Growth During 2020-2026 - The Daily Chronicle - September 30th, 2020
- Global Cloud Encryption Technology Market with (Covid-19) Impact Analysis: Growth, Latest Trend Analysis and Forecast 2026 - The Daily Chronicle - September 30th, 2020
- Global Email Encryption Software Market Report 2020-2027: Production Capacity and Consumption Analysis by Regions and Country Wise - Crypto Daily - September 30th, 2020
- Cloud Encryption Service Market 2020 | Detailed Analysis, Growth, Research and Forecast - The Daily Chronicle - September 30th, 2020
- Database Encryption Market Potential Growth, Size, Share, Demand and Analysis of Key Players Research Forecasts to 2027 - The Daily Chronicle - September 30th, 2020
- Optical Encryption Industry 2020 Includes The Major Application Segments And Size In The Global Market To 2026 - The Daily Chronicle - September 30th, 2020
- Hardware Based Encryption Market Projected to Be Resilient During 2020-2025 - The Market Records - September 30th, 2020
- Hardware Encryption Market (2020-2026) | Where Should Participant Focus To Gain Maximum ROI | Exclusive Report By DataIntelo - Crypto Daily - September 30th, 2020
- Ring plans to offer end-to-end encryption by the end of the year - The Verge - September 29th, 2020
- Encryption Software Market Comprehensive Study With Key Trends, Major Drivers And Challenges 2020-2026 - The Market Records - September 29th, 2020
- Ring to offer opt-in end-to-end encryption for videos beginning later this year - TechCrunch - September 29th, 2020
- WhatsApp Encryption Is Not Foolproof; Chats Can Be Accessed In These Ways - Yahoo India News - September 29th, 2020
- Hardware-based Full Disk Encryption (FDE) Market Forecast to 2027 Covid-19 Impact and Global Analysis by Type, Deployment Type and Industry Vertical... - September 29th, 2020
- EU Still Asking For The Impossible (And The Unnecessary): 'Lawful Access' To Encrypted Material That Doesn't Break Encryption - Techdirt - September 29th, 2020
- Encryption Software Market Report Examines Growth Overview And Predictions On Size, Share And Trend Through 2025 - The Daily Chronicle - September 29th, 2020
- Russia Is Trying Something New to Isolate Its Internet From the Rest of the World - Slate - September 29th, 2020
- Network Encryption Market From 2020-2026: Growth Analysis By Manufacturers, Regions, Types And Applications - The Daily Chronicle - September 29th, 2020
- Encryption Software Market Size, Analytical Overview, Key Players, Growth Factors, Demand, Trends And Forecast to 2027 - The Daily Chronicle - September 29th, 2020
- Top Technologies To Achieve Security And Privacy Of Sensitive Data In AI Models - Analytics India Magazine - September 29th, 2020
- Database Encryption Market Analysis and the Impact of COVID-19 Key Vendors, Growth Rate and Forecast To 2028 - The Daily Chronicle - September 29th, 2020
- Cloud Encryption Technology Market Size, Analytical Overview, Key Players, Growth Factors, Demand, Trends And Forecast to 2027 - The Daily Chronicle - September 29th, 2020
- Cloud Encryption Market 2020 Global Share, Growth, Size, Opportunities, Trends, Regional Overview, Leading Company Analysis And Forecast To 2026 |... - September 29th, 2020
- WhatsApp says end-to-end encryption to protects chats among app however not cloud backups - Stanford Arts Review - September 29th, 2020
- Cloud Encryption Market 2020-2028 Research Report| Know The Growth Factors and Future Scope - The Daily Chronicle - September 25th, 2020
- Cloud Encryption Market to Witness Astonishing Growth by 2026 | Ciphercloud, Gemalto, Hytrust and more - Crypto Daily - September 25th, 2020
- One Way to Prevent Police From Surveilling Your Phone - The Intercept - September 25th, 2020
- COVID-19 Impact on Global Encryption Software Market Report to Share Key Aspects of the Industry with the details of Influence Factors - Scientect - September 4th, 2020
- Encryption Software Market: Regional Overview and Trends Evaluation to 2026 - Fractovia News - September 4th, 2020
- Encryption Software Market is Expected to reach $2.16 billion by 2020| Growing at a CAGR (compounded annual growth rate) of CAGR of 14.27% from 2014... - September 4th, 2020
- WD unveils encrypted ArmorLock SSD that unlocks using your smartphone - 9to5Toys - September 4th, 2020
- Encryption Software Market report, upcoming trends, share report, growth size, industry players and global forecast to 2025 - Galus Australis - September 4th, 2020
- COVID-19 Impact on Global Encryption Software Market: Global Industry Analysis by Size, Share, Growth, Trends and Forecast 2020 2025 - The Daily... - September 4th, 2020
- Hardware Encryption Technology Steady Growth to be Witnessed by 2019-2029 - The News Brok - September 4th, 2020
- Encryption Software Market to Witness Astonishing Growth by 2026 | Dell , Eset , Gemalto and more - The Daily Chronicle - September 4th, 2020
- IIT Guwahati Research team working towards protecting data from cyber attacks - India Today - September 4th, 2020
- Five Security Blind Spots You Might Not Realize You Have - Government Technology - September 4th, 2020
- Cloud Encryption MARKET 2020 BY MANUFACTURERS, REGIONS, TYPE AND APPLICATION, FORECAST TO 2027 - Scientect - September 4th, 2020
- Network Encryption Market Trends, Outlook and Forecasts to 2025 by: Gemalto, Riverbed Technology, IBM Corporation, SolarWinds Inc., Juniper Networks... - September 4th, 2020
- What is the Importance of Encryption in the Business Network - Enterprise Security Mag - September 2nd, 2020
- How to enable end-to-end encryption for the Nextcloud app - TechRepublic - September 2nd, 2020
- The Feds Need to Listen in on Your Encrypted Knowledge. It is "for the Youngsters." - The Shepherd of the Hills Gazette - September 2nd, 2020
- NordVPN review: An encryption powerhouse with the best VPN bang for your buck - CNET - September 2nd, 2020
- Homomorphic encryption: Deriving analytics and insights from encrypted data - CSO Online - September 2nd, 2020
- Encryption Key Management 2020-2025 | Global Market Trends, Applications, Size, Types, Key Manufacturers and Forecast Research - The Daily Chronicle - September 2nd, 2020
- AES Encryption Software Market : Global Strategies and Insight driven transformation 2020 2026 - SG Research Sphere - September 2nd, 2020
- IIT Guwahati researchers develop algorithms to protect information like health data from cyberattacks - EdexLive - September 2nd, 2020
- Global Cloud Encryption Market- Industry Analysis and forecast 2020 2027: By Industrial verticals, Services, and Region. - Galus Australis - September 2nd, 2020
- Data Encryption Market Size 2020 By Global Business Trends, Share, Future Demand, Leading Players Updates and Forecast to 2026 (Based on 2020 COVID-19... - September 2nd, 2020
- Mobile Encryption Technology Market : Global Trends, Analysis and Forecast 2025 - The Daily Chronicle - September 2nd, 2020
- How to Encrypt Files with gocryptfs on Linux - How-To Geek - September 2nd, 2020
- GlobeX Data launches Sekur, its secure, encrypted email and messaging solution - Proactive Investors USA & Canada - September 2nd, 2020
- What to do in the event of a ransomware attack - Charity Digital News - September 2nd, 2020
- Activate these 4 WhatsApp settings NOW to stop snoopers including face-lock and encryption - The Sun - September 2nd, 2020
- TLS Is Only as Strong as Its Weakest Link - Hashed Out by The SSL Store - Hashed Out by The SSL Store - September 2nd, 2020
- Encryption Management Solutions Market Trends, Size, Share, Status, Analysis And Forecast To 2025 - The News Brok - September 2nd, 2020
- Cloud Encryption Market Insights Business Opportunities, Current Trends And Restraints Forecast 2026 - Reports Watch - September 2nd, 2020
- 9 ways to build privacy into cloud applications - Reseller News - September 2nd, 2020
- Russia's New Blockchain Voting System Isn't Ready, but It'll Be Used This Month Anyway - Business Blockchain HQ - September 2nd, 2020
- Encryption and endpoint control: the heroes of post-lockdown data security - TEISS - August 20th, 2020
- Global Encryption Software Market 2020: Industry Analysis by Size, Share, Demand, Growth rate and Forecasts Till 2025 - The News Brok - August 20th, 2020
- Techdirt Podcast Episode 252: The Key To Encryption - Techdirt - August 20th, 2020
- Researchers Develop Attacks Targeting End-to-End Encryption in Emails - Decipher - August 20th, 2020
- Encryption Software Market- Global Outlook and Forecast 2018-2026 - Kentucky Journal 24 - August 20th, 2020
- Analyzing Impacts Of COVID-19 On Data Encryption Market Effects, Aftermath And Forecast To 2026 - The Daily Chronicle - August 20th, 2020
- Commercial Encryption Software Market Analysis And Demand With Forecast Overvie - News by aeresearch - August 20th, 2020
- Cloud Encryption Market Estimated to Experience a Hike in Growth by 2026 - Scientect - August 20th, 2020
- Why it's important to encrypt everything, everywhere, all the time - SecurityBrief Asia - August 20th, 2020
- Optical Encryption Market with Brief Introduction, Industry Overview, Scope, Size and Forecast Analysis 2025 - Scientect - August 20th, 2020
- What is On-the-Fly Memory Encryption? - Electropages - August 8th, 2020
- AFP says it made three requests for assistance in breaking encryption in 2019-20 - iTWire - August 8th, 2020
- Blue Canyon Technologies Tapped to Build QETSSat Encryption Satellite - Via Satellite - August 8th, 2020