- The Advanced Encryption Standard (AES) is currently the most popular and widely adopted symmetric encryption algorithm.
- It was developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen.
- If properly implemented, the algorithm is unbreakable at the moment.
Encryption is the most common way to protect sensitive data. It works by converting data into a form in which the original meaning is masked and only authorized users can decipher it.
This is done by scrambling the data with mathematical functions based on a number called a key. To unscramble (decrypt) the data, the process is reserved using the same or a different key.
The process is called symmetric if the same key is used for both encryption and decryption. The process is asymmetric if different keys are used.
The Advanced Encryption Standard (AES) is currently the most popular and widely adopted symmetric encryption algorithm. It was established by the US National Institute of Standards and Technology (NIST) in 2001.
In 2002, AES became effective as a federal government standard. As of now, it is the only publicly accessible cipher approved by the NSA (National Security Agency) for top-secret projects.
Who Developed AES And Why?
In the mid-1990s, the United States government planned a project to analyze different kinds of encryption techniques. Actually, they were looking for a standard that would be secure and efficient to implement.
NIST analyzed hundreds of algorithms submitted by various research teams and organizations. Finally, they made their selection in late 2001. They chose “Rijndael” as the new Advanced Encryption Standard algorithm.
It was submitted by two Belgian cryptographers, Vincent Rijmen and Joan Daemen.
Rijndael was rigorously tested in ANSI, Java, and C languages for efficiency and reliability in the encryption/decryption process. They ensured that the new algorithm is resistant to major attacks both in software- and hardware-centric systems.
Why were they seeking for new encryption method?
In 1976, the US National Bureau of Standards (NBS) adopted the Data Encryption Standard (DES) to encrypt sensitive government data. It was a symmetric key algorithm built by IBM.
The algorithm served its purpose fairly well for 20 years, but with the arrival of more powerful processors, a few security concerns started popping up.
In fact, some researchers were able to develop techniques that could crack DES within 48 hours, using the brute force method. Although such attacks were very expensive and extremely difficult to mount, they were enough to prove that DES would soon become unreliable.
As a result, NIST announced the need for a successor algorithm for DES and started the development of AES in 1997, which was intended to be available royalty-free worldwide.
How Does AES Encryption Work?
Unlike DES (which uses a relatively short 56-bit key size), AES uses key sizes of either 128, 192, or 256-bit to encrypt/decrypt data.
AES is an iterative cipher based on a substitution-permutation network. It involves a series of linked operations, such as replacing input with certain outputs (substitution) or shuffling bits around (permutation).
The first thing the algorithm does is it splits the plaintext (input data) into blocks of 128-bits. Since all computations are performed on bytes (128 bits = 16 bytes), it converts each block size into a 4*4 matrix for further processing.
There are five main steps involved in the AES algorithm:
1. Add Round Key: The initial key (derived from a structured process when encryption is actually applied) is added to the block of the plaintext. This is done by applying an additive encryption algorithm called Exclusive Or (XOR).
2. Substitute Bytes: The input bytes are substituted by looking up a predetermined table.
3. Shift Rows: The 2nd row of the matrix is shifted one position (byte) to the left, 3rd row is shifted two positions to the left, and 4th row is shifted three positions to the left. The resulting matrix contains the same 16 bytes but shifted with respect to each other.
4. Mix Columns: The algorithm uses a special mathematical function to transform each column of the matrix. The function replaces the original columns with completely new bytes.
5. Add Round Key: The matrix is now considered as 128 bits and XORed to the 128-bit round key.
If you thought that was it, you couldn’t be more wrong. The data goes back to step 2, step 3, step 4, and step 5. In other words, step 2 to step 5 is executed in a loop.
But how many times the loop runs? This depends on the AES cipher key size: When a 128-bit key is used, the loop runs 9 times; when a 192-bit key is used, the loop runs 11 times; and when a 256-bit key is used, it runs 13 times.
Each added round makes the algorithm stronger. After the end of the loop, one additional round is performed, which involves byte substitution, row shifting, and key addition rounds.
The column mixing step is excluded because, at this point, it wouldn’t change data and unnecessarily eat up computing resources, making encryption less efficient.
Steps involved in AES encryption and decryption
The decryption process is relatively simple. All operations are performed in reverse order. The process begins with the inverse add round key, inverse rows shifting, and inverse byte substitution.
And then for each round, four processes are carried out in reverse order, i.e.
- Inverse round key
- Inverse mix column
- Inverse shift rows
- Inverse byte substitution
Finally, the inverse add round key (step 1 of encryption) is performed. After completion of this process, you get your original message.
Since AES is significantly faster and exponentially stronger than its predecessor DES, it is ideal for various applications, hardware, and firmware that require high throughput or low latency.
The algorithm can perform exceptionally well in a broad range of hardware, from high-performance computers to 8-bit smart cards.
Most CPU manufactures, including AMD and Intel, integrate the AES instruction set into their processors. This enhances the performance of AES on many devices and improves their resistance to side-channel attacks.
On AMD Ryzen and Intel Core i7/i5/i3 CPUs, AES encryption can yield a throughput of over 10 GB/s. On old processors, such as Pentium M, throughput is approximately 60 Mbit/s.
How Secure AES Algorithm Is?
Cryptographers have been analyzing AES for weakness since the standard was finalized in 2000. So far, they have published theoretical and side-channel attacks against AES-128.
In 2009, a group of researchers targeted an 8-key round version of AES-128. It was a known-key attack to figure out the internal structure of the encryption. But since it was only against an 8-round version of AES-128, instead of the standard 10-round version, it is considered a relatively minor threat.
There was also a series of related-key attacks in the same year, where researchers tried to crack a cipher by analyzing how it functions under different keys. However, these attacks proved to be a threat to only protocols that weren’t correctly implemented.
Major risk: Side-channel attacks
Side-channel attacks are based on data gained from the implementation of a system, rather than the weakness in the implemented algorithm itself. For example, power consumption, timing information, or even electromagnetic leaks can provide an additional source of data, which can be exploited.
In one case, researchers successfully deduced AES-128 keys by carefully monitoring the state of the processor’s memory cache. However, such cases can be reduced by preventing possible ways data can leak or by ensuring that the leaked information isn’t associated with algorithmic processes.
Despite potential side-channel attacks and current theoretical attacks, all versions of AES remain highly secure. The properly implemented AES algorithm is unbreakable at the moment.
In fact, the world’s most powerful computer would take more than 800 quadrillion years to brute force a 128-bit AES key. The number of calculations required to brute force a 256-bit cipher is 3.31 x 1056, which is roughly equal to the number of atoms in the universe.
AES is included in programs that we use all of the time. For example, WinZip, RAR, and UltraISO use Rijndael Algorithm to encrypt your data.
BitLocker, CipherShed, DiskCyptor, VeraCrypt, and FileVault makes AES-encrypted drive images. IEEE 802.11i, an IEEE standard that specifies security mechanisms for wireless networks, uses AES-128 in CCM mode.
Some of the most popular messaging apps like Facebook Messenger, Signal, WhatsApp, and Google Allo use AES to encrypt messages between sender and receivers.