What is AES encryption?
AES is one of the most widely used encryption protocols, but where did it come from and how does it work?
While it may not be something most people think about every day, particularly if they're not IT professionals, most organisations and individuals want to keep the majority of the information they store and exchange secure. The most common way of doing this is the centuries-old practice of encryption.
There are numerous different types of encryption used to keep data secure, whether that be messages sent over the open web such as through email, secure chats, or messaging apps like WhatsApp, or data stored in the cloud, in an on-premise data centre, on a device or on a removable drive. All of them, however, fall into five algorithm types:
- RSA, a public key algorithm that includes protocols like PGP, SSL/TLS and SSH
- Data Encryption Standard (DES), which was originally developed by the US government. Once considered uncrackable, the power of computers now means it can be compromised and so isn't suitable for the most sensitive data
- TripleDES, a newer and more secure version of DES that was also developed by the US government, but has the disadvantage of being very slow
- Twofish, which was created in response to a National Institute of Standards and Technology (NIST) call for a new, more secure encryption standard in the late 1990s. While it's considered very fast and very secure, it lost out in NIST's Advanced Encryption Standard competition to the final algorithm on our list
- Advanced Encryption Standard (AES) – originally known as Rijndael, a portmanteau of the names of the Belgian developers who created it
How and why was AES developed?
The standard encryption method for 22 years between 1977 and 1999 was DES, developed by IBM, and used as the official algorithm for encrypting US government information. This was widely considered uncrackable, but the advancement of computing power in the 90s proved just enough for researchers to build systems capable of breaking the 56-bit encryption algorithm that DES represented.
The first public demonstration that DES could be cracked occurred in June 1997, when the DESCHALL Project harnessed a monumental amount of computing power to break the encryption key. The Deep Crack Project, spearheaded by the Electronic Frontier Foundation (EFF), in July 1998 broke DES encryption in only 56 hours. Further collaborative efforts between the EFF and distributed.net, six months later, slashed this time to 22 hours 15 minutes.
The US National Institute of Standards and Technology (NIST) subsequently realised that DES was in need of a drastic overhaul, having seen that encryption-breaking was becoming far more feasible. Work, therefore, began immediately on developing the successor to DES.
NIST launched an open competition in September 1997 calling for entries to explore how to protect data now and in the future. Dubbed the Advanced Encryption Standard process, the competition attracted 15 encryption designs. Three years later, a project known as Rijndael, developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen, was chosen as the standard for AES encryption that’s still in use today. Then, in November 2000, the AES standard was certified for use by the US government, as a direct replacement for DES.
How does AES work?
In simple terms, AES takes a block of plain text, and applies alternating rounds of substitution and permutation boxes to the passage. This form of encryption is known as a substitution-permutation network (SPN) block cipher algorithm, and the size of the boxes alternates between 128, 192 or 256 bits, depending on the strength of encryption. The standard strength for encryption is 128, with 256 reserved as and when the strongest levels of protection are required.
During this substitution-permutation process, an encryption key is generated, which can then be used to decipher and read the protected information as was originally intended. Without this decryption key, the data is completely illegible and totally scrambled, meaning it’s useless to third parties who intercept traffic in the hope of stumbling on data they can steal.
Where is AES used?
While AES started life as a tool for the US government, including the NSA, it's been adopted by businesses and other organisations worldwide and is now one of the most widely used encryption algorithms around.
It's used in all sorts of file and transfer scenarios. For example, when you transmit files over an HTTPS connection, the chances are AES is keeping your data secure from any man-in-the-middle type attacks.