Understanding advanced encryption standard on basic level doesnt require a higher degree in computer science or Matrix-level consciousness lets break AES encryption down into laymans terms
Hey, all. We know of security of information to be a hot topic since, well, forever. We entrust our personal and sensitive information to lots of major entities and still have problems with data breaches, data leaks, etc. Some of this happens because of security protocols in networking, or bad practices of authentication management but, really, there are many ways that data breaches can occur. However, the actual process of decrypting a ciphertext without a key is far more difficult. For that, we can thank the encrypting algorithms like the popular advanced encryption standard and the secure keys that scramble our data into indecipherable gibberish.
Lets look into how AES works and different applications for it. Well be getting a little into some Matrix-based math so, grab your red pills and see how far this rabbit hole goes.
Lets hash it out.
You may have heard of advanced encryption standard, or AES for short but may not know the answer to the question what is AES? Here are four things you need to know about AES:
The National Institute of Standards and Technology (NIST) established AES as an encryption standard nearly 20 years ago to replace the aging data encryption standard (DES). After all, AES encryption keys can go up to 256 bits, whereas DES stopped at just 56 bits. NIST could have chosen a cipher that offered greater security, but the tradeoff would have required greater overhead that wouldnt be practical. So, they went with one that had great all-around performance and security.
AESs results are so successful that many entities and agencies have approved it and utilize it for encrypting sensitive information. The National Security Agency (NSA), as well as other governmental bodies, utilize AES encryption and keys to protect classified or other sensitive information. Furthermore, AES is often included in commercial based products, including but limited to:
Although it wouldnt literally take forever, it would take far longer than any of our lifetimes to crack an AES 256-bit encryption key using modern computing technology. This is from a brute force standpoint, as in trying every combination until we hear the click/unlocking sound. Certain protections are put in place to prevent stuff from like this happening quickly, such as a limit on password attempts before a lockdown, which may or may not include a time lapse, to occur before trying again. When we are dealing with computation in milliseconds, waiting 20 minutes to try another five times would seriously add to the time taken to crack a key.
Just how long would it take? We are venturing into a thousand monkeys working on a thousand typewriters to write A Tale of Two Cities territory. The possible combinations for AES 256-bit encryption is 2256. Even if a computer can do multiple quadrillions of instructions per second, then we are still in that eagles-wings-eroding-Mount-Everest time frame.
Needless to say, its waaaaaaaaaaaaaaaaaaay (theres not enough memory on our computers to support the number of a letters that I want to convey) longer than our current universe has been in existence. And thats just for a 16-byte block of data. So, as you can see, brute forcing AES even if it is 128 bits AES is futile.
That would likely change, though, once quantum computing becomes a little more mainstream, available, and effective. Quantum computing is expected to break AES encryption and require other methods to protect our data but thats still a ways down the road.
Manage Digital Certificates like a Boss
14 Certificate Management Best Practices to keep your organization running, secure and fully-compliant.
To better understand what AES is, you need to understand how it works. But in order to see how the advanced encryption standard actually works, however, we first need to look at how this is set up and the rules concerning the process based on the users selection of encryption strength. Typically, when we discuss using higher bit levels of security, were looking at things that are more secure and more difficult to break or hack. While the data blocks are broken up into 128 bits, the key size have a few varying lengths: 128 bits, 196 bits, and 256 bits. What does this mean? Lets back it up for a second here.
We know that encryption typically deals in the scrambling of information into something unreadable and an associated key to decrypt the scramble. AES scramble procedures use four scrambling operations in rounds, meaning that it will perform the operations, and then repeat the process based off of the previous rounds results X number of times. Simplistically, if we put in X and get out Y, that would be one round. We would then put Y through the paces and get out Z for round 2. Rinse and repeat until we have completed the specified number of rounds.
The AES key size, specified above, will determine the number of rounds that the procedure will execute. For example:
As mentioned, each round has four operations.
So, youve arrived this far. Now, you may be asking: why, oh why, didnt I take the blue pill?
Before we get to the operational parts of advanced encryption standard, lets look at how the data is structured. What we mean is that the data that the operations are performed upon is not left-to-right sequential as we normally think of it. Its stacked in a 44 matrix of 128 bits (16 bytes) per block in an array thats known as a state. A state looks something like this:
So, if your message was blue pill or red, it would look something like this:
So, just to be clear, this is just a 16-byte block so, this means that every group of 16 bytes in a file are arranged in such a fashion. At this point, the systematic scramble begins through the application of each AES encryption operation.
As mentioned earlier, once we have our data arrangement, there are certain linked operations that will perform the scramble on each state. The purpose here is to convert the plaintext data into ciphertext through the use of a secret key.
The four types of AES operations as follows (note: well get into the order of the operations in the next section):
As mentioned earlier, the key size determines the number of rounds of scrambling that will be performed. AES encryption uses the Rjindael Key Schedule, which derives the subkeys from the main key to perform the Key Expansion.
The AddRoundKey operation takes the current state of the data and executes the XOR Boolean operation against the current round subkey. XOR means Exclusively Or, which will yield a result of true if the inputs differ (e.g. one input must be 1 and the other input must be 0 to be true). There will be a unique subkey per round, plus one more (which will run at the end).
The SubBytes operation, which stands for substitute bytes, will take the 16-byte block and run it through an S-Box (substitution box) to produce an alternate value. Simply put, the operation will take a value and then replace it by spitting out another value.
The actual S-Box operation is a complicated process, but just know that its nearly impossible to decipher with conventional computing. Coupled with the rest of AES operations, it will do its job to effectively scramble and obfuscate the source data. The S in the white box in the image above represents the complex lookup table for the S-Box.
The ShiftRows operation is a little more straightforward and is easier to understand. Based off the arrangement of the data, the idea of ShiftRows is to move the positions of the data in their respective rows with wrapping. Remember, the data is arranged in a stacked arrangement and not left to right like most of us are used to reading. The image provided helps to visualize this operation.
The first row goes unchanged. The second row shifts the bytes to the left by one position with row wrap around. The third row shifts the bytes one position beyond that, moving the byte to the left by a total of two positions with row wrap around. Likewise, this means that the fourth row shifts the bytes to the left by a total of three positions with row wrap around.
The MixColumns operation, in a nutshell, is a linear transformation of the columns of the dataset. It uses matrix multiplication and bitwise XOR addition to output the results. The column data, which can be represented as a 41 matrix, will be multiplied against a 44 matrix in a format called the Gallois field, and set as an inverse of input and output. That will look something like the following:
As you can see, there are four bytes in that are ran against a 44 matrix. In this case, matrix multiplication has each input byte affecting each output byte and, obviously, yields the same size.
Now that we have a decent understanding of the different operations utilized to scramble our data via AES encryption, we can look at the order in which these operations execute. It will be as such:
Note: The MixColumns operation is not in the final round. Without getting into the actual math of this, theres no additional benefit to performing this operation. In fact, doing so would simply make the decryption process a bit more taxing in terms of overhead.
If we consider the number of rounds and the operations per round that are involved, by the end of it, you should have a nice scrambled block. And that is only a 16-byte block. Consider how much information that equates to in the big picture. Its miniscule when compared to todays file/packet sizes! So, if each 16-byte block has seemingly no discernable pattern at least, any pattern that can be deciphered in a timely manner Id say AES has done its job.
We know the advanced encryption standard algorithm itself is quite effective, but its level of effectiveness depends on how its implemented. Unlike the brute force attacks mentioned above, effective attacks are typically launched on the implementation and not on the algorithm itself. This can be equated to attacking users as in phishing attacks versus attacking the technology behind the service/function that may be hard to breach. These can be considered side-channel attacks where the attacks are being carried out on other aspects of the entire process and not the focal point of the security implementation.
While I always advocate going with a reasonable/effective security option, a lot of AES encryption is happening without you even knowing it. Its locking down spots of the computing world that would otherwise be wide open. In other words, there would be many more opportunities for hackers to capture data if advanced encryption standard wasnt implemented at all. We just need to know how to identify the open holes and figure out how to plug them. Some may be able to use AES and others may need another protocol or process.
Appreciate the encryption implementations we have, use the best ones when needed, and happy scrutinizing!
- Solving problems by working together: Could quantum computing hold the key to Covid-19? - ITProPortal - July 2nd, 2020
- Spain Introduces the World's First Quantum Phase Battery - News - All About Circuits - July 2nd, 2020
- Professor tackles one more mystery about quantum mechanics and times flow - GeekWire - July 2nd, 2020
- This Week's Awesome Tech Stories From Around the Web (Through June 27) - Singularity Hub - June 29th, 2020
- Kudos: Read about faculty, staff and student awards, appointments and achievements - Vanderbilt University News - June 29th, 2020
- This Is the First Universal Language for Quantum Computers - Popular Mechanics - June 21st, 2020
- Universal Quantum raises $4.5 million to build a large-scale quantum computer - VentureBeat - June 17th, 2020
- Ethereum (ETH) Might Not have Quantum Resistance on its Roadmap, the QRL Team Reveals - Crowdfund Insider - June 17th, 2020
- Craig Knoblock Named Michael Keston Executive Director of the USC Information Sciences Institute - USC Viterbi School of Engineering - June 17th, 2020
- European quantum computing startup takes its funding to 32M with fresh raise - TechCrunch - June 11th, 2020
- SKT to expand use of new quantum-powered security solutions - The Korea Herald - June 11th, 2020
- Archer looks to commercialisation future with graphene-based biosensor tech - ZDNet - June 11th, 2020
- Dear NASA, please put a particle collider on the Moon - The Next Web - June 11th, 2020
- Top 10 emerging technologies of 2020: Winners and losers - TechRepublic - June 11th, 2020
- When Will Quantum Computing Come to Mainstream? - Analytics Insight - June 8th, 2020
- University announces 2020 winners of Quantrell and Graduate Teaching Awards - UChicago News - June 8th, 2020
- Physicists Found a Way to Save Schrdingers Cat - Dual Dove - June 8th, 2020
- Physicists hunt for room-temperature superconductors that could revolutionize the world's energy system - The Conversation US - June 3rd, 2020
- Covid 19 Pandemic: Quantum Computing Technologies Market 2020, Share, Growth, Trends And Forecast To 2025 - 3rd Watch News - May 24th, 2020
- Molecular dynamics used to simulate 100 million atoms | Opinion - Chemistry World - May 23rd, 2020
- Highest-performing quantum simulator IN THE WORLD delivered to Japan - TechGeek - May 18th, 2020
- Light, fantastic: the path ahead for faster, smaller computer processors - News - The University of Sydney - May 18th, 2020
- Wiring the quantum computer of the future - Space Daily - April 29th, 2020
- Technologies That You Can Explore Other Than Data Science During Lockdown - Analytics India Magazine - April 29th, 2020
- Will Quantum Computing Really Change The World? Facts And Myths - Analytics India Magazine - April 23rd, 2020
- Google's top quantum computing brain may or may not have quit - Fudzilla - April 23rd, 2020
- On the Heels of a Light Beam - Scientific American - April 23rd, 2020
- Google's Head of Quantum Computing Hardware Resigns - WIRED - April 21st, 2020
- COVID-19: Quantum computing could someday find cures for coronaviruses and other diseases - TechRepublic - April 21st, 2020
- The future of quantum computing in the cloud - TechTarget - April 21st, 2020
- Quantum computer chips demonstrated at the highest temperatures ever - New Scientist News - April 17th, 2020
- Alex Garland on 'Devs,' free will and quantum computing - Engadget - April 14th, 2020
- RAND report finds that, like fusion power and Half Life 3, quantum computing is still 15 years away - The Register - April 12th, 2020
- Quantum computing: When to expect the next major leap - TechRepublic - April 12th, 2020
- Cambridge Quantum Computing Performs the World's First Quantum Natural Language Processing Experiment - Quantaneo, the Quantum Computing Source - April 12th, 2020
- The Well-matched Combo of Quantum Computing and Machine Learning - Analytics Insight - March 23rd, 2020
- Picking up the quantum technology baton - The Hindu - March 23rd, 2020
- Research by University of Chicago PhD Student and EPiQC Wins IBM Q Best Paper - HPCwire - March 23rd, 2020
- Honeywell Achieves Breakthrough That Will Enable The Worlds Most Powerful Quantum Computer #47655 - New Kerala - March 23rd, 2020
- Is time broken? Physicists filmed a quantum measurement but the 'moment' was blurry - The Next Web - March 5th, 2020
- What Is Quantum Computing? The Next Era of Computational ... - March 3rd, 2020
- Honeywell says it will soon launch the worlds most powerful quantum computer - TechCrunch - March 3rd, 2020
- Majority of Promising AI Startups Are Still Based in the US - Transport Topics Online - March 3rd, 2020
- 10 Revolutionary Technologies To Lookout For In 2020 - Fossbytes - March 3rd, 2020
- Quantum researchers able to split one photon into three - Space Daily - March 3rd, 2020
- Physicists Captured The Moment That An Atom Enters Quantum Measurement - Somag News - February 29th, 2020
- This Week's Awesome Tech Stories From Around the Web (Through February 29) - Singularity Hub - February 29th, 2020
- IC Breakthroughs: Energy Harvesting, Quantum Computing, and a 96-Core Processor in Six Chiplets - News - All About Circuits - February 29th, 2020
- Top 10 Strategic Technology Breakthroughs That Will Transform Our Lives - Analytics Insight - February 29th, 2020
- New Intel chip could accelerate the advent of quantum computing - RedShark News - February 28th, 2020
- Particle accelerator technology could solve one of the most vexing problems in building quantum computers - Fermi National Accelerator Laboratory - February 28th, 2020
- Top 10 breakthrough technologies of 2020 - TechRepublic - February 28th, 2020
- 21st ISQED Conference to Commence With Focus on Quantum Computing, Security, and AI/ML & Electronic Design - PRNewswire - February 25th, 2020
- NTT Research to Collaborate with UCLA and Georgetown on Cryptography and Blockchain - Yahoo Finance - February 25th, 2020
- Should decision makers be concerned by the threat of quantum? - Information Age - February 25th, 2020
- Keeping classified information secret in a world of quantum computing - Bulletin of the Atomic Scientists - February 11th, 2020
- A neural network that learned to predict the behavior of a quantum system - Tech Explorist - February 9th, 2020
- Deltec Bank, Bahamas A combination of Quantum Computing and Blockchain Technology Will Have a huge Impact on Banking - Press Release - Digital... - February 5th, 2020
- Could Photonic Chips Outpace the Fastest Supercomputers? - Singularity Hub - February 5th, 2020
- Google claims to have invented a quantum computer, but IBM begs to differ - The Conversation CA - January 22nd, 2020
- Xanadu Receives $4.4M Investment from SDTC to Advance its Photonic Quantum Computing Technology - Quantaneo, the Quantum Computing Source - January 22nd, 2020
- U of T's Peter Wittek, who will be remembered at Feb. 3 event, on why the future is quantum - News@UofT - January 17th, 2020
- Quantum Computing Technologies Market 2019, Size, Share, Global Industry Growth, Business Statistics, Top Leaders, Competitive Landscape, Forecast To... - January 17th, 2020
- This Week In Security: Windows 10 Apocalypse, Paypal Problems, And Cablehaunt - Hackaday - January 17th, 2020
- Kitchener's Angstrom Engineering is making a quantum leap with its next-generation technology - TheRecord.com - January 17th, 2020
- Xanadu Receives $4.4M Investment from SDTC to Advance its Photonic Quantum Computing Technology - Yahoo Finance - January 16th, 2020
- The dark side of IoT, AI and quantum computing: Hacking, data breaches and existential threat - ZDNet - January 16th, 2020
- 'How can we compete with Google?': the battle to train quantum coders - The Guardian - January 16th, 2020
- IBM heads US patent list for 27th consecutive year - Technology Decisions - January 16th, 2020
- New Technique May Be Capable of Creating Qubits From Silicon Carbide Wafer - Tom's Hardware - January 14th, 2020
- The hunt for the 'angel particle' continues - Big Think - January 13th, 2020
- How to verify that quantum chips are computing correctly - MIT News - January 13th, 2020
- Googles Quantum Supremacy will mark the End of the Bitcoin in 2020 - The Coin Republic - January 13th, 2020
- Bleeding edge information technology developments - IT World Canada - January 13th, 2020
- Jeffrey Epstein scandal: MIT professor put on leave, he 'failed to inform' college that sex offender made donations - CNBC - January 10th, 2020
- The teenager that's at CES to network - Yahoo Singapore News - January 10th, 2020
- AI, ML and quantum computing to cement position in 2020: Alibabas Jeff Zhang - Tech Observer - January 8th, 2020
- Perspective: End Of An Era | WNIJ and WNIU - WNIJ and WNIU - January 8th, 2020
- Volkswagen carried out the world's first pilot project for traffic optimization with a quantum computer - Quantaneo, the Quantum Computing Source - January 6th, 2020
- The 12 Most Important and Stunning Quantum Experiments of 2019 - Livescience.com - December 31st, 2019