Users on the Internet store and send encrypted files and information every day. Encryption protects data from theft and misuse. We present AES encryption as a secure encryption method.

What is AES encryption?

AES encryption is a method used when storing and sending data. AES stands for Advanced Encryption Standard. The AES standard provides an encryption algorithm that was developed in the USA. In 1997, the National Institute of Standards and Technology (NIST) issued a call for tenders to find a significantly more secure algorithm. The US government's aim was to encrypt confidential files of the highest classification level even more effectively.

Until the Advanced Encryption Standard was developed, government agencies used the Data Encryption Standard (DES) for encryption. This outdated standard used a key with a length of 56 bits and could no longer meet the demands of IT security. Nor was a 56-bit key a match for the powerful computers available to hackers: with a brute-force attack, they could recover the secret key very easily by trying all possible 56-bit keys.

NIST therefore set higher standards for data security. It defined the requirements for a new algorithm, which resulted in the Advanced Encryption Standard. The Institute specified that the keys should be longer and that the algorithm should support different key lengths. Ciphers with these key lengths were created:

  • 128-bit encryption
  • 192-bit encryption
  • 256-bit encryption

Another criterion for the development of a secure encryption method was that no patent rights be claimed on it. This was to ensure that other developers could incorporate the new algorithm into their programs to increase the security of encrypted data. After a long review and fierce competition, NIST announced the winner of the tender in October 2000. The Rijndael algorithm by the two Belgian developers Joan Daemen and Vincent Rijmen met the requirements. Since then, it has been the algorithm behind AES encryption and the AES standard.

How encryption works with AES

Earlier methods of encryption and decryption used asymmetric encryption. This involved a key pair consisting of a public key and a secret key. First, the sender encrypted his message with the recipient’s public key. Only the owner of the matching private key could decrypt the files secured with the public key.

In contrast to this method, the Rijndael algorithm uses symmetrical encryption. Here, only one key exists for the transmission from the sender to the receiver and from the receiver to the sender. AES uses this key to encrypt data via a mathematical procedure and to decrypt it again later. Symmetric encryption is much more secure than asymmetric encryption with the same key length.

The Rijndael scheme is a block cipher: it divides the incoming plaintext into blocks, each arranged as four rows and four columns. A block has a total of 16 bytes, so each cell contains one byte. Each block goes through several rounds of four steps during encryption or decryption. Depending on the key length, there are ten rounds for AES-128, twelve rounds for AES-192 and a total of 14 rounds for AES-256. The four steps are repeated in each round.

The symmetrical encryption procedure with AES in four steps

  • Step 1 – SubKeys: Here, Rijndael uses an S-box. It specifies the value with which the algorithm replaces each byte in the block. The S-box is derived from the AES key.
  • Step 2 – ShiftRow: Now Rijndael shifts the bytes in the block row by row, each by a certain number of columns to the left.
  • Step 3 – MixColumn: At this point, the AES algorithm mixes the bytes using a mathematical procedure called a linear transformation.
  • Step 4 – AddRoundKey: Finally, AES combines the current round key with the values of the block.

Encryption with the Advanced Encryption Standard goes through these four steps as often as the key length dictates. The result is the so-called ciphertext, which no longer reveals anything of the content of the message or information to the naked eye. During decryption, Rijndael goes through all the steps over all the rounds in reverse order. This is how the plaintext is created from the ciphertext.

TeamDrive uses both methods for its cloud services. The symmetric AES-256 key encrypts data, while the asymmetric key based on the RSA algorithm ensures confidential and secure communication. In addition, TeamDrive also relies on end-to-end encryption.

How much security does AES encryption offer?

AES is an encryption method that is still considered very secure today. The long keys still guarantee security: an unauthorized party cannot recover them using the brute-force method. The US government therefore uses the AES variants AES-192 and AES-256 to encrypt secret government documents.

In the meantime, successful attacks on systems with AES have become known. The security vulnerabilities, however, were due to a faulty integration of the AES keys into the system and not to the AES algorithm itself. No scientist or hacker has yet succeeded in actually attacking the algorithm. As computing power advances, it is conceivable that an AES key could be cracked at some point. As of today, this is not yet in sight.

AES encryption in application

Encryption with AES is now widely used. The AES standard encrypts millions of pieces of sensitive data every day. All common web browsers use AES. The algorithm is also part of the WPA2 protocol for WLAN and of the SSL/TLS protocol. It is also used in various firewalls and routers. VPNs, voice-over-IP telephony and operating systems such as macOS also use AES.