Understanding AES encryption to ensure the security of your data

By Jennifer Montérémal

Published: 28 October 2024

When it comes to data encryption, AES (Advanced Encryption Standard) is undoubtedly one of the most secure and widely used systems in the world. In fact, it has become a standard for the US government.

But what lies behind this acronym?

To understand why this technology remains infallible, we need to understand how it works, and how it compares with other encryption systems.

Our article reveals the secrets of AES, so that you have all the (encryption) keys you need to protect your sensitive information.

See all software File Sharing

What is AES encryption?

What is data encryption?

To understand AES encryption, let's take a quick look at what data encryption is all about.

The aim of this process is to secure your information by "scrambling" it so that it is incomprehensible to anyone else. To achieve this, an encryption algorithm is used. Only those with the associated encryption key will then be able to unlock the system to read the data.

Vocabulary point :

The encryption key 👉 this is the system used to decrypt the message. For a long time, this involved codes, sentences or even encryption machines, but modern cryptology uses data encoded in binary form.

Block ciphering 👉 This method involves breaking up the information to be encrypted into blocks of the same size (64 or 128 bits, for example). Encryption is then carried out block by block.
Stream encryption 👉 This technology processes data of different lengths, without splitting them up.
Symmetrical cryptography 👉 this involves information being encrypted and decrypted using the same encryption key. This system is fast, as it uses few resources and calculations compared with asymmetric.
Asymmetric cryptography 👉 In this case, two different keys are needed:
- the public key, to encrypt the data,
- the equivalent private secret key, to decrypt the same data.

Cnil

The arrival of AES encryption

AES encryption was created when the NIST (National Institute of Standards and Technology) decided to find a successor to DES (Data Encryption Standard). The current symmetrical encryption standard was deemed too vulnerable to attack and not flexible enough.

A competition was therefore launched in 1997 for cryptology researchers to find a new symmetric key encryption system.

Rijndael won the competition in 2000, and the AES standard was launched.

AES encryption: how it works and special features

AES encryption is a royalty-free standard. As a result, it can be used freely, without the need for a patent.
It is symmetrical, like DES encryption.
It is a 128-bit block encryption system. This means that 128-bit blocks are transformed into encrypted blocks of the same size.
AES encryption supports different key sizes: 128, 192 or 256 bits. Depending on these key sizes, the number of operations required per sequence to encrypt the blocks differs:
- 10 for 128 bits
- 12 for 192 bits
- and 14 for 256 bits.

☝️ The AES standard encryption key sizes are so large that it is impossible to force the system through an exhaustive search. What's more, security increases exponentially with key size. The 256-bit key, for example, offers an astronomical ²²⁵⁶ possible combinations.

Even with a multitude of super-powered computers, cracking a 256-bit AES key would take longer than the supposed age of the universe!

Advantages of AES encryption

In addition to the guaranteed high level of security, AES encryption offers other advantages:

Fast processing and high performance 👉 the AES system can quickly encrypt and decrypt a large amount of data.
Low resource and memory requirements 👉 the AES algorithm can therefore be used for consumer devices such as laptops.
Wide range of implementation options 👉 on hardware or software.

Which is the best encryption algorithm?

AES VS DES

The DES standard uses 64-bit blocks and keys of the same size. This means that there are ²⁶⁴ possible key combinations to test, or 16,000,000,000,000,000,000.

But even with this imposing number, this technology has proved to be fallible. Indeed, computer power has increased steadily over the decades and, in 2012, a system was designed that could crack a DES key in 26 hours.

DES encryption is therefore not completely secure, although it is still used today.

AES encryption has never been cracked. It remains perfectly secure compared with current technological possibilities.

AES VS RSA

The RSA encryption algorithm is an asymmetric encryption system. It is the most widely used standard alongside AES encryption.

This system is very secure, since the public key is the product of multiplying large prime numbers together. Only this product, with a length of 1024, 2048 or 4096 bits, is made public.

So why use one encryption technology more than the other?

First of all, RSA encryption is much more computationally intensive. As a result, it is used to encrypt smaller quantities of data.
Secondly, AES is more secure than RSA for the same bit size. Cracking RSA does not involve brute force attacks like AES. You have to factor the module into prime numbers and derive them yourself, which is much more feasible.

However, the asymmetric property of RSA encryption makes this system advisable in certain cases, particularly when the two end points for data exchange are geographically distant: information can transit between these two points, without anyone caring who intercepts it in the meantime.

At the end of the day, more than a question of safety, it is a question of use that determines the use of one standard or another.

☝️ This is why the two technologies are often combined. Today, most data is encrypted using AES encryption, which is faster and more secure. But to obtain the key for decryption, the sender often uses the RSA system.

What practical uses are there for AES encryption? Examples of software

Password managers

Many password management software applications use AES encryption. This makes it possible to secure the data contained in digital safes.

🛠️ LastPass, for example, uses 256-bit AES encryption to protect its users' information. All users have to do is create an account with an email address and a secure master password to generate a unique encryption key. This will be used to decrypt the safe locally once it has been verified. As a result, even LastPass employees do not have access to the data it contains.

VPNs

VPNs also use encryption keys. Their operation requires the encryption of data circulating between private computers and their servers. This guarantees online anonymity and protection against brute force.

🛠️ NordVPN, for example, uses AES technology with 256-bit keys to make users' data unreadable, even to governments (they may be entitled to ask ISPs!) or hackers.

With digital transformation, dematerialisation and the new uses that go with it (teleworking, for example), more and more professionals are using this type of software to exchange files. And some of these files may contain sensitive data, such as medical records. That's why these solutions often use the AES standard.

🛠️ WeSend, for example, can receive and send large files. It uses 256-bit AES technology to secure the content. This makes the information indecipherable for the servers through which it passes.

See all software File Sharing

Understanding data encryption to ensure your security

Encryption systems have been around for a long time, but new consumer habits have made them an essential issue that both professionals and private individuals now need to address. The emergence of VPNs, password management software and other file-sharing tools is a case in point.

What are the consequences?

Faced with promises of security (sometimes couched in technical jargon that is incomprehensible to the uninitiated), everyone needs to take a closer look at the technologies available. The aim is to make an informed choice about the encryption solutions best suited to your information protection needs.

But one thing is certain: AES encryption is still a safe bet when it comes to today's technologies.

Article translated from French