What is Advanced Encryption Standard (AES)?

The Advanced Encryption Standards (AES) is a symmetric block cipher algorithm adopted by the U.S. National Institute of Standards and Technology (NIST) in 2001. The U.S government started using it as a standard for secure and classified data encryption and decryption, and now it is used worldwide. Advanced Encryption Standard succeeds the Data Encryption Standard (DAS) algorithm, which was published in 1977. On November 26, 2001, the AES was declared by the NIST as U.S. FIPS PUB 197 (FIPS 197). On May 26, 2002, upon the approval of the U.S Secretary of Commerce, it became effective as a federal government standard. It is a symmetric-key algorithm, that means the same key is used for both encrypting and decrypting the data.

How are the Advanced Encryption Standards Used?

In 1997, the National Institute of Standards and Technology announced the Data Encryption Standards (DES) has started to be vulnerable to brute-force attack and thus a successor is needed which can prevent such attacks. According to the NIST, this new algorithm would be unclassified and had to be "capable of protecting sensitive government information well into the next century". During the selection process, the NIST invited proposals for developing an algorithm that is easy to implement in hardware and software, as well as in restricted environments, and at the same time offers high protection against various attack techniques. The selection process was completely transparent and fully open to public review. The submitted designs were thoroughly scrutinized during the process. The NIST specified certain features that were to be included in the design of the algorithm. Those criteria included:

• The NIST mentioned the new encryption standard algorithm must be a block cipher, and it is required to be designed in a way so that it can handle 128- bit blocks, using keys sized at 128, 192, and 256 bits.
• The NIST announced the submitted algorithm must be capable of protecting the data from attack. Security strength was the key factor upon which the algorithm was to be selected.
• It was mentioned that the computational and memory efficiency of the submitted algorithms would be evaluated during the selection process.
• The algorithm was intended to be released under a global, nonexclusive and royalty-free basis.
• Flexibility and simplicity of implementation were to be judged to make the selection.

A total number of fifteen symmetric key algorithm designs were examined in the preliminary round by the world cryptographic community and the NIST was a part of it. In August 1999, five algorithms were selected for further analysis, one among them was the Rijndael. This algorithm was submitted by two Belgian cryptographers, Joan Daemen, and Vincent Rijmen. All the five selected algorithm designs were extensively tested in ANSI, C and Java languages to estimate their speed and reliability in encryption and decryption. Their key and algorithm setup time was tested in all these languages and security efficiency was evaluated, both in hardware and software-centric systems. In October 2002 the Rijndael was selected as the proposed algorithm for AES. In the following year, the U.S. government started using it as the default encryption algorithm for protecting classified information. It was first publicly available and open cipher approved by the NSA for top-secret information. Soon, it became the most widely used encryption algorithm as the security and cryptographic experts expressed high confidence in this algorithm. This algorithm contains three block ciphers: AES-128, AES-192, and AES-256. Each of these ciphers is used for encrypting and decrypting data in blocks of 128 bits. Originally, in the Rijndael cipher, there were provisions to accept additional block sizes and key lengths, but those functions were not adopted for AES. In a symmetric cipher, the same key is used for encrypting and decrypting, so both the sender and the receiver know and use the same secret key. All key lengths are capable of protecting the classified data up to the Secret level. However, the Top-Secret information requires either 192- or 256-bit key lengths. 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys are there in the algorithm design. Each round contains several processing steps including substitution, transposition, and mixing of input plaintext and it is transformed into the final output of ciphertext.