What is Advanced Encryption Standard (AES)?

The encryption protocol underlying the vast majority of today’s secure information transfer.


What it is: AES, or Advanced Encryption Standard, is an encryption specification. Its algorithm can quickly and efficiently scramble and unscramble data to a degree of elaboration such that it’s almost uncrackable if implemented correctly. Established in 2001 by the US National Institute of Standards and Technology, it’s now the gold standard for encryption worldwide.

What it does: AES is a symmetric private key encryption system, meaning that it encrypts and decrypts text with a string of bits held privately by the sender and receiver. The algorithm scrambles the original text using the key multiple times (10 iterations is standard) until it’s unreadable by anyone who doesn’t have the key, and then does the same in reverse. This process undergirds all of the secure file transfer that we do, including the transfer of highly classified government information.

Why it matters: Quite simply, AES, if implemented correctly, is virtually unbeatable as of this date. Although security researchers have proposed viable attacks against it, they’re purely theoretical at this point, requiring untenable amounts of computing power.

What to do about it: There’s nothing to do, unless you’re a computer security researcher or a malicious actor with big dreams. AES is, in computer security, as omnipresent as gravity, and almost as reliable. You don’t need to know how it works to be taking advantage of it constantly. There are potential vulnerabilities in systems where AES is implemented such that the encrypting devices leak information; these are called side-channel attacks. However, to date, these attacks remain preventable. Additionally, it’s speculated that quantum computing could break AES, but this is also theoretical at this time.

Full content available to GigaOm Subscribers.

Sign Up For Free