What is the full form of AES

AES - Advanced Encryption Standard

Advanced Encryption Standard, AES for short, is a symmetrical encryption method that, under the name Rijndael, won the competition to succeed DES as the encryption standard. Rijndael was developed by the Belgian cryptographers Vincent Rijmen and Joan Daemen. The correct pronunciation is Reindahl.
Since the end of 2001, Rijndeal has been officially standardized as AES in the USA by the NIST (National Institute of Standards and Technology). It is used for the encryption of documents and communication links. AES is not patented and can therefore be used freely.

Note: The exact functioning of AES or Rijndael can only be understood with basic mathematical knowledge, which goes far beyond the necessary understanding of AES. In order to be able to understand the process of an AES encryption, one does not have to know these mathematical principles. The mathematical method of AES is therefore not discussed here.

AES encryption and decryption

Rijndael and AES are block ciphers based on a substitution permutation network (SPN). The procedure alternates between substitution and permutation at each step. AES is also used as an SP cipher. The transformation of the plain text takes place in several rounds of the same structure. The plain text is not processed as a whole, but in blocks. Among other things, the relationship between plain text and ciphertext is blurred, which is called confusion in cryptological terminology.
With Rijndael, block length and key length can have the values ​​128, 160, 192, 224 or 256 bits independently of each other. With AES, the block length is set to 128 bits and the key size to 128 (10 rounds), 192 (12 rounds) and 256 bits (14 rounds).

AES decryption necessarily requires that the same steps must be followed as with encryption. Just in reverse order. In a way, this is a weakness of AES.

Applications

Many processors include a hardware AES implementation with special machine instructions that can be accessed via a software library. AES is also suitable for mobile applications.

How secure is AES?

So far, there is no known weakness of AES that is even remotely of practical significance. Some quite interesting theoretical attacks are known for this. For example, the biclique cryptanalysis. Although these attacks are not of practical relevance, they keep causing discussions.

One point of criticism of AES is the representation of the mathematical procedure as a complex algebraic formula. This makes AES susceptible to quadratic cryptanalysis. However, there is no method to solve the quadratic equation of this complexity.
The solution to the AES formula also only affects sub-areas of mathematics that have nothing to do with cryptography. However, it cannot be ruled out that at some point someone who has nothing to do with cryptography will discover a simplification or even the solution and publish it. How long AES can still be used safely cannot be said with certainty.

The security of AES depends, among other things, on the key length. Even with a key length of 128 bits, the complete key search is unsuccessful. However, it can be assumed that the computing power of newer computers will advance rapidly and the key length will become the crux of the matter. It is advisable to choose a key length of 256 bits in order to have enough security buffer for the future.
There is a danger when the performance of the computer increases rapidly or when new findings lead to a simplification of the complete key search. That being said, one can assume that AES will be secure enough for a long time to come.

AES alternatives

Rijndael originally won against 15 competitors in the competition for a DES successor and was specified as AES. However, this does not mean that the other encryption methods were worse. There is agreement among encryption experts that, in addition to Rijndael, the Serpent and Twofish methods would have been worthy winners of the AES competition.
Should it ever happen that Rijndael in the form of AES has to be viewed as unsafe, then there are several equivalent alternatives.

In addition to the processes mentioned, only the CAST-256 and SAFER + processes are of interest. Although less well known, they have given cryptography new impulses and insights.

Serpent

Given the weaknesses of AES known today, it is believed that Serpent should have won the AES competition.
Serpent is a little slower than other comparable processes. It is called a conservative procedure. It has a large safety buffer, which is why it is suitable for applications that must have a high level of safety for decades.

Twofish (by Bruce Schneier)

Bruce Schneier's Twofish is the second process besides Serpent that could have won the AES competition. It is a further development of Blowfish, which is a DES alternative.
Twofish encrypts with 128-bit blocks and key lengths of 128, 192 or 256 bits.

RC6 - Rivest Cipher 6

RC6 is the successor to R5 and was developed by Ron Rivest together with three other colleagues in order to be able to take part in the AES competition.
The reasons for the rejection of RC6 are insufficiently researched data-dependent rotations, an unclear patent situation and the focus on use in 32-bit processors.
RC6 is considered to be sufficiently safe if one disregards the low safety buffer. The best attack is brute force.
Unfortunately, the process is patented and is therefore only used in a few commercial products. This puts RC6 in the shadow of Serpent and Twofish.

MARS (from IBM)

MARS is one of 5 AES finalists. However, with most of the weaknesses. The process was developed by IBM, whose developers did pioneering work at DES.
MARS has a block length of 128 bits and supports key lengths from 128 to 448 bits in 32-bit steps.
During the final selection of the AES competition, some inconsistencies and weaknesses became known. However, no practically usable attack is known.

Other related topics:

share

Product recommendations

Everything you need to know about networks.

Network technology primer

The network technology primer is a book about the basics of network technology, transmission technology, TCP / IP, services, applications and network security.

I want that!

Everything you need to know about networks.

Network technology primer

The network technology primer is a book about the basics of network technology, transmission technology, TCP / IP, services, applications and network security.

I want that!