What is AES encryption?

AES is one of the most widely used encryption protocols, but where did it come from and how does it work?

While it may not be something most people think about every day, particularly if they're not IT professionals, most organisations and individuals want to keep the majority of the information they store and exchange secure. The most common way of doing this is the centuries-old practice of encryption.

There are numerous different types of encryption used to keep data secure, whether that be messages sent over the open web such as through email, secure chats, or messaging apps like WhatsApp, or data stored in the cloud, in an on-premise data centre, on a device or on a removable drive. All of them, however, fall into five algorithm types:

  • RSA, a public key algorithm that includes protocols like PGP, SSL/TLS and SSH
  • Data Encryption Standard (DES), which was originally developed by the US government. Once considered uncrackable, the power of computers now means it can be compromised and so isn't suitable for the most sensitive data
  • TripleDES, a newer and more secure version of DES that was also developed by the US government, but has the disadvantage of being very slow
  • Twofish, which was created in response to a National Institute of Standards and Technology (NIST) call for a new, more secure encryption standard in the late 1990s. While it's considered very fast and very secure, it lost out in NIST's Advanced Encryption Standard competition to the final algorithm on our list
  • Advanced Encryption Standard (AES), originally known as Rijndael, a portmanteau of the names of the Belgian developers who created it

How and why was AES developed?

From 1977 until 1999, DES was the go-to standard for encryption. Developed by IBM, it was the official algorithm used for encrypting US government data and was considered essentially uncrackable. All that changed in the 1990s: With computers increasing in power, it became increasingly trivial to break DES's 56-bit encryption algorithm.

DES was first publicly demonstrated to be crackable in June 1997 by the DESCHALL Project, although it took a significant amount of computing resources.


In July 1998, the Electronic Frontier Foundation's (EFF) Deep Crack project broke DES in 56 hours. Just six months later, the team, in collaboration with distributed.net, brought this time down to 22 hours and 15 minutes.

With the knowledge that these projects were underway, NIST, the US National Institute for Standards and Technology, realised DES urgently needed replacing and began working towards doing just that.

In September 1997, NIST launched an open competition called the Advanced Encryption Standard process to find a new way to protect data. Fifteen new encryption designs were submitted, with Rijndael, created by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, eventually being chosen as the standard for AES in 2000. In November 2001, AES was finally certified for use by the US government.

How does AES work?

AES is a substitution-permutation network (SPN) block cipher algorithm. This means the algorithm takes a block of plain text and applies alternating rounds of substitution and permutation boxes to it. In AES, the size of each box is 128, 192 or 256 bits, depending on how strong the encryption needs to be, but 128-bit is typical.

An encryption key is generated during the substitution-permutation process, allowing the data to be deciphered and read by the intended recipient. Without the key, though, the data is completely scrambled and unintelligible.

Where is AES used?

While AES started life as a tool for the US government, including the NSA, it's been adopted by businesses and other organisations worldwide and is now one of the most widely used encryption algorithms around.

It's used in all sorts of file and transfer scenarios. For example, when you transmit files over an HTTPS connection, the chances are AES is keeping your data secure from any man-in-the-middle type attacks.

Main image credit: Bigstock
