LLMpediaThe first transparent, open encyclopedia generated by LLMs

AES

Generated by DeepSeek V3.2
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Transport Layer Security Hop 4
Expansion Funnel Raw 54 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted54
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
AES
NameAdvanced Encryption Standard
CaptionThe official AES logo.
DesignersVincent Rijmen, Joan Daemen
Publish date2001
Derived fromSquare
Key sizes128, 192, or 256 bits
Block sizes128 bits
StructureSubstitution–permutation network
Rounds10, 12, or 14 (depending on key size)
CryptanalysisBest known attacks are computationally infeasible against full-round versions.

AES. The Advanced Encryption Standard is a specification for the encryption of electronic data established by the National Institute of Standards and Technology in the United States. It superseded the Data Encryption Standard and has become the most widely used symmetric-key algorithm globally, implemented in everything from secure web traffic via Transport Layer Security to file encryption software. The algorithm, originally called Rijndael, was selected through a public competition and is based on a design by Belgian cryptographers Vincent Rijmen and Joan Daemen.

Overview

The development of AES was initiated by NIST in 1997 to address the vulnerabilities and key size limitations of the aging Data Encryption Standard. After a multi-year, open evaluation process involving the global cryptographic community, the Rijndael cipher was announced as the winner in October 2000. It was formally adopted as a Federal Information Processing Standard in 2001. The selection process was notable for its transparency and international participation, with finalist algorithms like Serpent and Twofish also receiving significant analysis. The adoption of AES marked a pivotal shift towards publicly vetted, strong cryptographic standards for protecting sensitive but unclassified government information and commercial data.

Algorithm description

AES is a symmetric block cipher that operates on a 128-bit block of data using a substitution–permutation network structure. The algorithm performs its operations on a 4x4 array of bytes, known as the state. Each encryption round, except the final one, consists of four primary transformations: SubBytes (a non-linear substitution using an S-box), ShiftRows (a transposition step), MixColumns (a linear mixing operation), and AddRoundKey (where the state is combined with a round key derived from the main cipher key). The number of rounds executed is 10, 12, or 14, depending on whether a 128, 192, or 256-bit key is used. The key schedule, managed by the Rijndael key schedule, expands the initial key into a series of round keys required for the AddRoundKey step.

Security

AES is considered highly secure against all known practical cryptanalytic attacks. The most effective attacks published, such as biclique attacks, are only marginally faster than a brute-force attack and remain computationally infeasible against the full cipher with a 256-bit key. The design resists linear cryptanalysis and differential cryptanalysis, the primary techniques that broke previous ciphers like DES. While theoretical attacks like related-key attacks exist in certain reduced-round models, they do not threaten standard implementations. Concerns regarding side-channel attacks, such as timing attacks or power analysis, are implementation-specific and are addressed through constant-time coding and hardware countermeasures in processors like those from Intel with AES-NI.

Implementations and performance

AES is implemented in both software and hardware for high performance and security. Most modern CPUs, including those from Intel, AMD, and ARM, feature dedicated instruction sets like AES-NI and ARMv8 cryptographic extensions to accelerate operations. Software libraries such as OpenSSL, LibreSSL, and the Linux kernel's crypto API provide optimized implementations. Its efficiency allows it to be used for bulk encryption in real-time systems, including the IEEE 802.11i standard for Wi-Fi Protected Access and the Internet Protocol Security suite. Performance benchmarks consistently show AES outperforming other finalists from the NIST competition, especially when hardware acceleration is available.

Standardization and adoption

AES is a ubiquitous global standard, ratified by numerous standards bodies including NIST, ISO/IEC 18033-3, and the Internet Engineering Task Force. It is mandated for protecting classified information by U.S. government agencies like the National Security Agency, up to the TOP SECRET level when using 192 or 256-bit keys. Its adoption is nearly universal in protocols for secure communication, forming the core of Transport Layer Security, SSH File Transfer Protocol, and encrypted storage systems like BitLocker and FileVault. The algorithm's public design and extensive third-party analysis have made it a cornerstone of modern cryptography, trusted by industries ranging from finance to telecommunications.

Category:Block ciphers Category:Computer security standards Category:Federal Information Processing Standards Category:Cryptography