If you were to save a dollar every time you read or heard that cybercrime is on the rise, your piggy bank would probably be full by now, right? But, unfortunately, cybercriminals are constantly developing more sophisticated techniques of breaking and cracking into companies’ networks and systems. Regardless, organizations must outsmart these threat actors and protect their sensitive data at all costs.
And one of the proven ways of realizing that feat is by encrypting data. If you’re wondering, encryption is a security technique of using complex algorithms to scramble or encode data so that only authorized personnel can access or read the data, i.e., those with the unique decryption key.
Today we’ll discuss one of the three major encryptions – Advanced Encryption Standard or AES. What is it, how does it work, and where is it applicable? Keep scrolling to find out more!
In a word, AES is a symmetric type of encryption, as it uses only one unique key to encrypt and decrypt data. The encryption was originally known as Rijndael after its first-ever developers, Belgian cryptographers Vincent Rijmen and Joan Daemen. AES encryption was first established in the U.S. in 2001 by the National Institute of Standards and Technology (NIST), and it’s trusted to protect top-secret information.
In selecting AES as its go-to block cipher, NIST considered three different ciphers that operate on 128-bit blocks of data, with key lengths of 128, 192, and 256 bits. In the end, the agency settled on the block cipher developed by Daemen and Rijmen, as it’s one of the strongest encryption standards and is unbreakable by brute force.
Let’s be honest; understanding the AES encryption algorithm can be challenging, especially if you don’t have a background in maths. Thankfully, it’s possible to simplify the complex AES cipher details by replacing the binary codes with normal symbols. Let’s break down the primary idea behind the cryptography of AES in the sections below:
Data Division into Blocks
Under the AES encryption method, the first step is that your plaintext (the unencoded information you want to encrypt) gets divided into blocks. Keep in mind that AES is a 128-bit block cipher. That means it arranges the data in a 4×4 layout, with each block containing 16 bytes (and there are 8 bits in 1 byte, so 16 x 8 = 128).
Here, the primary goal is to take the first key and leverage it to come up with a bunch of other keys for each round of the encryption process. The new keys are derived with the assistance of Rijndael’s key schedule. So after using Rijndael’s key schedule, the new keys will resemble a jumble of random characters. But not so random since the schedule applies a defined process when encrypting different symbols.
Add Round Key
Congratulations! You’ve now reached the first round of AES encryption, where the initial key gets added to the message block. The summation is usually done with the XOR cipher, an additive encryption algorithm. At face value, though, putting together these two blocks may seem like a daunting task. But one thing to remember is that this block cipher uses binary code. So what you’ll see is nothing but a visual depiction of what’s happening in the binary language. The key takeaway is, after adding the two blocks, you’ll come up with a 100% unique block of cipher.
Here, AES algorithms use a pre-established table known as the Rijndael S-box to replace each byte with a unique code. So, according to the S-box, an element like e9 becomes 1a, dj becomes 62, h3 becomes jb, and so on.
The step is as straightforward as it sounds; the AES algorithm shifts rows of blocks from the substitution process above. For instance, the first row stays as it is, the second row moves 1 byte to the left, the third row gets shifted 2 bytes to the left, while the last one moves 3 bytes in the same direction.
Again, the AES algorithm does exactly what the title says in this step. Particularly, each column gets multiplied by a predetermined matrix, resulting in a unique block of code.
Adding Round Keys
Notice that round keys were already made at the early stages of the process using Rijndael’s key schedule and the initial key. So it’s time to add the block from the initial round key plus the block derived from the mixed columns. Thus, the process results in another unique block of binary code, subject to further modifications.
The encryption process carries on and on, depending on the length of the AES key. So if it’s a 128-bit key, it’ll take 9 rounds for full encryption; a 192-bit key will require 11 rounds, while a 256-bit key will take 13 rounds.
But that’s not all, as the 9, 11, and 13 rounds only cover the stages of adding round keys, byte substitution, and row shifting – leaving out column mixing. So by the end of the encryption process, the data will have gone through 10 rounds for a 128-bit key, 12 rounds for a 192-bit key, and 14 rounds for a 256-bit key.
Besides protecting the government’s top secrets and data, AES encryption is also applicable in various everyday use technology solutions, including:
After reading this blog, hopefully, you understand why the advanced encryption standard is often referred to as the “gold standard” of encryption techniques. It has everything it takes, from versatility, immunity to the most sophisticated cyberattacks, speed – you name it.
365 Technologies is an industry leader in cybersecurity matters, and we take pride in helping Winnipeg organizations enhance their security posture through the most advanced solutions. These include data backups, 24/7 security monitoring, disaster recovery, and more. So contact us today, and let us help your business remain productive and secure!