Advanced Encryption Standard (AES) Last Updated : 03 Feb, 2025 Comments Improve Suggest changes Like Article Like Report Advanced Encryption Standard (AES) is a highly trusted encryption algorithm used to secure data by converting it into an unreadable format without the proper key. It is developed by the National Institute of Standards and Technology (NIST) in 2001. It is is widely used today as it is much stronger than DES and triple DES despite being harder to implement. AES encryption uses various key lengths (128, 192, or 256 bits) to provide strong protection against unauthorized access. This data security measure is efficient and widely implemented in securing internet communication, protecting sensitive data, and encrypting files. AES, a cornerstone of modern cryptography, is recognized globally for its ability to keep information safe from cyber threats.AES is a Block Cipher.The key size can be 128/192/256 bits.Encrypts data in blocks of 128 bits each.That means it takes 128 bits as input and outputs 128 bits of encrypted cipher text. AES relies on the substitution-permutation network principle, which is performed using a series of linked operations that involve replacing and shuffling the input data.Working of The CipherAES performs operations on bytes of data rather than in bits. Since the block size is 128 bits, the cipher processes 128 bits (or 16 bytes) of the input data at a time.The number of rounds depends on the key length as follows :N (Number of Rounds)Key Size (in bits)101281219214256Creation of Round KeysA Key Schedule algorithm calculates all the round keys from the key. So the initial key is used to create many different round keys which will be used in the corresponding round of the encryption.Creation of Round Keys (AES)EncryptionAES considers each block as a 16-byte (4 byte x 4 byte = 128 ) grid in a column-major arrangement.[ b0 | b4 | b8 | b12 || b1 | b5 | b9 | b13 || b2 | b6 | b10| b14 || b3 | b7 | b11| b15 ]Added Round Keys (AES)Each round comprises of 4 steps :SubBytesShiftRowsMixColumnsAdd Round KeyStep1. Sub BytesThis step implements the substitution. In this step, each byte is substituted by another byte. It is performed using a lookup table also called the S-box. This substitution is done in a way that a byte is never substituted by itself and also not substituted by another byte which is a compliment of the current byte. The result of this step is a 16-byte (4 x 4 ) matrix like before.The next two steps implement the permutation.Step2. Shift RowsThis step is just as it sounds. Each row is shifted a particular number of times.The first row is not shiftedThe second row is shifted once to the left.The third row is shifted twice to the left.The fourth row is shifted thrice to the left.(A left circular shift is performed.)[ b0 | b1 | b2 | b3 ] [ b0 | b1 | b2 | b3 ]| b4 | b5 | b6 | b7 | -> | b5 | b6 | b7 | b4 || b8 | b9 | b10 | b11 | | b10 | b11 | b8 | b9 |[ b12 | b13 | b14 | b15 ] [ b15 | b12 | b13 | b14 ]Step 3: Mix ColumnsThis step is a matrix multiplication. Each column is multiplied with a specific matrix and thus the position of each byte in the column is changed as a result.This step is skipped in the last round.[ c0 ] [ 2 3 1 1 ] [ b0 ]| c1 | = | 1 2 3 1 | | b1 || c2 | | 1 1 2 3 | | b2 |[ c3 ] [ 3 1 1 2 ] [ b3 ]Step 4: Add Round Keys Now the resultant output of the previous stage is XOR-ed with the corresponding round key. Here, the 16 bytes are not considered as a grid but just as 128 bits of data.After all these rounds 128 bits of encrypted data are given back as output. This process is repeated until all the data to be encrypted undergoes this process.DecryptionThe stages in the rounds can be easily undone as these stages have an opposite to it which when performed reverts the changes. Each 128 blocks goes through the 10,12 or 14 rounds depending on the key size.The stages of each round of decryption are as follows :Add round keyInverse MixColumnsShiftRowsInverse SubByteThe decryption process is the encryption process done in reverse so I will explain the steps with notable differences.Inverse MixColumnsThis step is similar to the Mix Columns step in encryption but differs in the matrix used to carry out the operation.Mix Columns Operation each column is mixed independent of the other.Matrix multiplication is used. The output of this step is the matrix multiplication of the old values and aconstant matrix[b0] = [ 14 11 13 9] [ c0 ][b1]=[ 9 14 11 13 ] [ c1 ][b2] =[ 13 9 14 11] [ c2 ][ b3 ]=[ 11 13 9 14 ] [ c3 ]Inverse SubBytesInverse S-box is used as a lookup table and using which the bytes are substituted during decryption.Function Substitute performs a byte substitution on each byte of the input word. For this purpose, it uses an S-box.Applications of AESAES is widely used in many applications which require secure data storage and transmission. Some common use cases include:Wireless security: AES is used in securing wireless networks, such as Wi-Fi networks, to ensure data confidentiality and prevent unauthorized access.Database Encryption: AES can be applied to encrypt sensitive data stored in databases. This helps protect personal information, financial records, and other confidential data from unauthorized access in case of a data breach.Secure communications: AES is widely used in protocols such as internet communications, email, instant messaging, and voice/video calls. It ensures that the data remains confidential.Data storage: AES is used to encrypt sensitive data stored on hard drives, USB drives, and other storage media, protecting it from unauthorized access in case of loss or theft.Virtual Private Networks (VPNs): AES is commonly used in VPN protocols to secure the communication between a user's device and a remote server. It ensures that data sent and received through the VPN remains private and cannot be deciphered by eavesdroppers.Secure Storage of Passwords: AES encryption is commonly employed to store passwords securely. Instead of storing plaintext passwords, the encrypted version is stored. This adds an extra layer of security and protects user credentials in case of unauthorized access to the storage.File and Disk Encryption: AES is used to encrypt files and folders on computers, external storage devices, and cloud storage. It protects sensitive data stored on devices or during data transfer to prevent unauthorized access. Comment More infoAdvertise with us Next Article Difference Between AES and DES Ciphers randomsapien Follow Improve Article Tags : Computer Subject Computer Networks cryptography Similar Reads Cryptography Tutorial Cryptography is a technique of securing communication by converting plain text into unintelligible ciphertext. It involves various algorithms and protocols to ensure data confidentiality, integrity, authentication, and non-repudiation. The two primary types of cryptography are symmetric key cryptogr 7 min read Cryptography BasicCryptography IntroductionCryptography is the study and practice of techniques for secure communication in the presence of third parties called adversaries. It deals with developing and analyzing protocols that prevents malicious third parties from retrieving information being shared between two entities thereby following th 4 min read History of CryptographyHumans have two basic needs when we take about communication. One is the need to communicate selectively, to communicate and share information. These two basic needs while communicating gave rise to coding and encrypting the messages in such a way that only intended people could have access to the i 4 min read Cryptography and its TypesCryptography is a technique of securing information and communications using codes to ensure confidentiality, integrity and authentication. Thus, preventing unauthorized access to information. The prefix "crypt" means "hidden" and the suffix "graphy" means "writing". In Cryptography, the techniques 8 min read Cryptography and Network Security PrinciplesIn the present-day scenario security of the system is the sole priority of any organization. The main aim of any organization is to protect their data from attackers. In cryptography, attacks are of two types: Passive attacks and Active attacks. Passive attacks are those that retrieve information fr 9 min read Cryptography AlgorithmPublic Key EncryptionPublic key cryptography provides a secure way to exchange information and authenticate users by using pairs of keys. The public key is used for encryption and signature verification, while the private key is used for decryption and signing. When the two parties communicate with each other to transfe 7 min read Traditional Symmetric CiphersThe two types of traditional symmetric ciphers are Substitution Cipher and Transposition Cipher. The following flowchart categories the traditional ciphers: 1. Substitution Cipher: Substitution Ciphers are further divided into Mono-alphabetic Cipher and Poly-alphabetic Cipher. First, let's study abo 3 min read What is an Asymmetric Encryption?Asymmetric encryption, also known as public-key cryptography, is a type of encryption that uses a pair of keys to encrypt and decrypt data. The pair of keys includes a public key, which can be shared with anyone, and a private key, which is kept secret by the owner. What is an Asymmetric Encryption? 8 min read Difference between Private key and Public keyCryptography as a field emphasizes the need to guarantee secure communication and data privacy. There are mainly two approaches available to perform this operation: – Private Key Cryptography (RIC or Symmetric Key Cryptography) and Public Key Cryptography (PKE or Asymmetric Key Cryptography). Althou 6 min read What is data encryption?What is Data Encryption?Data encryption is the process of converting readable information (plaintext) into an unreadable format (ciphertext) to protect it from unauthorized access. It is a method of preserving data confidentiality by transforming it into ciphertext, which can only be decoded using a unique decryption key p 10 min read Encryption, Its Algorithms And Its FutureEncryption plays a vital role in today’s digital world, serving a major role in modern cyber security. It involves converting plain text into cipher text, ensuring that sensitive information remains secure from unauthorized access. By making data unreadable to unauthorized parties, encryption helps 10 min read SHA-1 HashSHA-1 or Secure Hash Algorithm 1 is a cryptographic algorithm that takes an input and produces a 160-bit (20-byte) hash value. This hash value is known as a message digest. This message digest is usually then rendered as a hexadecimal number which is 40 digits long. It is a U.S. Federal Information 7 min read RC4 Encryption AlgorithmRC4 is a stream cipher and variable-length key algorithm. This algorithm encrypts one byte at a time (or larger units at a time). A key input is a pseudorandom bit generator that produces a stream 8-bit number that is unpredictable without knowledge of the input key, The output of the generator is c 6 min read Hash Functions in System SecurityHash Function is a function that has a huge role in making a System Secure as it converts normal data given to it as an irregular value of fixed length. We can imagine it to be a Shaker in our homes. When we put data into this function it outputs an irregular value. The Irregular value it outputs is 4 min read Blowfish Algorithm with ExamplesBlowfish is an encryption technique designed by Bruce Schneier in 1993 as an alternative to the DES Encryption Technique. It is significantly faster than DES and provides a good encryption rate with no effective cryptanalysis technique found to date. It is one of the first secure block ciphers not s 14 min read Difference between MD5 and SHA1MD5 stands for Message Digest and SHA1 stands for Secure Hash Algorithm both are cryptographic hash algorithms used for security purposes. SHA-1 or Secure Hash Algorithm 1 is a cryptographic algorithm that takes an input and produces a 160-bit (20-byte) hash value. This hash value is known as a mess 5 min read Difference between RSA algorithm and DSAIn cryptography, the two commonly used algorithms in modern cryptography for secure data transmission and to ensure the signatures of digital signatures, are the Rivest-Shamir-Adleman (RSA) algorithm and Digital Signature Algorithm (DSA). We'll learn about RSA and DSA, how they work when are they us 8 min read Classical Encryption TechniquesSymmetric Cipher ModelSymmetric Encryption is the most basic and old method of encryption. It uses only one key for the process of both the encryption and decryption of data. Thus, it is also known as Single-Key Encryption. A few basic terms in Cryptography are as follows: Plain Text: original message to be communicated 3 min read Substitution CipherHiding some data is known as encryption. When plain text is encrypted it becomes unreadable and is known as ciphertext. In a Substitution cipher, any character of plain text from the given fixed set of characters is substituted by some other character from the same set depending on a key. For exampl 6 min read Columnar Transposition CipherGiven a plain-text message and a numeric key, cipher/de-cipher the given text using Columnar Transposition Cipher The Columnar Transposition Cipher is a form of transposition cipher just like Rail Fence Cipher. Columnar Transposition involves writing the plaintext out in rows, and then reading the c 12 min read Block Cipher , DES and AESBlock Cipher Design PrinciplesBlock ciphers are built in the Feistel cipher structure. Block cipher has a specific number of rounds and keys for generating ciphertext.Block cipher is a type of encryption algorithm that processes fixed-size blocks of data, usually 64 or 128 bits, to produce ciphertext. The design of a block ciphe 3 min read Block Cipher modes of OperationEncryption algorithms are divided into two categories based on the input type: block cipher and stream cipher. A block cipher is an encryption algorithm that takes a fixed-size input (e.g., b bits) and produces a ciphertext of b bits. If the input is larger than b bits, it can be divided further. Th 8 min read Data Encryption Standard (DES) | Set 1Data Encryption Standard (DES) is a symmetric block cipher. By 'symmetric', we mean that the size of input text and output text (ciphertext) is same (64-bits). The 'block' here means that it takes group of bits together as input instead of encrypting the text bit by bit. Data encryption standard (DE 15+ min read Double DES and Triple DESAs we know the Data encryption standard (DES) uses 56 bit key to encrypt any plain text which can be easily be cracked by using modern technologies. To prevent this from happening double DES and triple DES were introduced which are much more secured than the original DES because it uses 112 and 168 2 min read Strength of Data encryption standard (DES)Data Encryption Standard (DES) is a symmetric block cipher. By ‘symmetric’, we mean that the size of input text and output text (ciphertext) is same (64-bits). The block here means that it takes group of bits together as input instead of encrypting the text bit by bit. Data encryption standard (DES) 5 min read AES Full FormAES stands for Advanced Encryption Standard and is a majorly used symmetric encryption algorithm. It is mainly used for encryption and protection of electronic data. It was used as the replacement of DES(Data encryption standard) as it is much faster and better than DES. AES consists of three block 2 min read Advanced Encryption Standard (AES)Advanced Encryption Standard (AES) is a highly trusted encryption algorithm used to secure data by converting it into an unreadable format without the proper key. It is developed by the National Institute of Standards and Technology (NIST) in 2001. It is is widely used today as it is much stronger t 7 min read Difference Between AES and DES CiphersDES (Data Encryption Standard) and AES (Advanced Encryption Standard) are both symmetric key encryption algorithms used to secure data. They use the same key for both encryption and decryption, but differ significantly in strength and design. Advanced Encryption Standard (AES) is a highly trusted en 5 min read Public Key Cryptography and RSARSA Algorithm in CryptographyRSA(Rivest-Shamir-Adleman) Algorithm is an asymmetric or public-key cryptography algorithm which means it works on two different keys: Public Key and Private Key. The Public Key is used for encryption and is known to everyone, while the Private Key is used for decryption and must be kept secret by t 13 min read Implementation of Diffie-Hellman AlgorithmDiffie-Hellman algorithm:The Diffie-Hellman algorithm is being used to establish a shared secret that can be used for secret communications while exchanging data over a public network using the elliptic curve to generate points and get the secret key using the parameters. For the sake of simplicity 10 min read ElGamal Encryption AlgorithmElGamal Encryption is a public-key cryptosystem. It uses asymmetric key encryption to communicate between two parties and encrypt the message. This cryptosystem is based on the difficulty of finding discrete logarithms in a cyclic group that is even if we know ga and gk, it is extremely difficult to 6 min read What is Cryptanalysis?Understanding Rainbow Table AttackWhat is a Rainbow Table? The passwords in a computer system are not stored directly as plain texts but are hashed using encryption. A hash function is a 1-way function, which means that it can't be decrypted. Whenever a user enters a password, it is converted into a hash value and is compared with t 4 min read What is a Dictionary Attack?A Dictionary Attack is an attack vector used by the attacker to break in a system, which is password protected, by putting technically every word in a dictionary as a form of password for that system. This attack vector is a form of Brute Force Attack. The dictionary can contain words from an Englis 2 min read Brute Force AttackA Brute force attack is a well known breaking technique, by certain records, brute force attacks represented five percent of affirmed security ruptures. A brute force attack includes 'speculating' username and passwords to increase unapproved access to a framework. Brute force is a straightforward a 3 min read Comman CryptographyCustom Building Cryptography Algorithms (Hybrid Cryptography)Cryptography can be defined as an art of encoding and decoding the patterns (in the form of messages). Cryptography is a very straightforward concept which deals with manipulating the strings (or text) to make them unreadable for the intermediate person. It has a very effective way to encrypt or dec 15+ min read An Overview of Cloud CryptographyCloud cryptography is a set of techniques used to secure data stored and processed in cloud computing environments. It provides data privacy, data integrity, and data confidentiality by using encryption and secure key management systems. Common methods used in cloud cryptography include:Symmetric en 4 min read Quantum CryptographyThe uncertainty principle of quantum physics builds the earliest foundations for quantum cryptography. With quantum computers of the future being expected to solve discrete logarithmic problems and the popularly known cryptography methods such as AES, RSA, DES, quantum cryptography becomes the fores 7 min read Image Steganography in CryptographyThe word Steganography is derived from two Greek words- 'stegos' meaning 'to cover' and 'grayfia', meaning 'writing', thus translating to 'covered writing', or 'hidden writing'. Steganography is a method of hiding secret data, by embedding it into an audio, video, image, or text file. It is one of t 8 min read DNA CryptographyCryptography is the branch of science that deals with the encoding of information to hide messages. It plays a vital role in the infrastructure of communication security. The Pioneering work had been done by Ashish Gehani et al and Amin et al after Leonard Max Adleman had shown the capability of mol 12 min read Caesar Cipher in CryptographyThe Caesar Cipher is one of the simplest and oldest methods of encrypting messages, named after Julius Caesar, who reportedly used it to protect his military communications. This technique involves shifting the letters of the alphabet by a fixed number of places. For example, with a shift of three, 11 min read One Time Password (OTP) algorithm in CryptographyAuthentication, the process of identifying and validating an individual is the rudimentary step before granting access to any protected service (such as a personal account). Authentication has been built into the cyber security standards and offers to prevent unauthorized access to safeguarded resou 7 min read Data Integrity in CryptographyMessage Authentication CodesMessage Authentication Codes are the codes which plays their role in two important functions: Authentication Detection and Falsification Detection. Where do we need these codes? Suppose User A send message to user B with message - 'abc'. A encrypts the message using Shared - Key Cryptosystem for enc 2 min read Digital Signatures and CertificatesDigital signatures and certificates are two key technologies that play an important role in ensuring the security and authenticity of online activities. They are essential for activities such as online banking, secure email communication, software distribution, and electronic document signing. By pr 11 min read Public Key InfrastructurePublic key infrastructure or PKI is the governing body behind issuing digital certificates. It helps to protect confidential data and gives unique identities to users and systems. Thus, it ensures security in communications. The public key infrastructure uses a pair of keys: the public key and the p 7 min read Like