Advanced Encryption Standard (AES) software is a security program that uses a symmetric key block cipher to encrypt files, data, and other information. This cryptographic software typically helps individuals and businesses to safely secure hard drives, operating systems, e-mails, and files from malicious attacks. These AES ciphers are used worldwide due to having been analyzed extensively.
AES encryption software was adopted by the United States (US) government’s National Institute of Standards and Technology (NIST) for its symmetric-key encryption standard. The AES encryption standard was taken from a much larger collection published as Rijndael. Most AES encryption software consist of one 128-bit block cipher and three key sizes — AES 128, AES 192, and AES 256. These three different key sizes cause each algorithm to behave slightly different, thereby making it difficult to break the encryption.
Symmetric key ciphers use only one key to encrypt and decrypt data. The three different key sizes allow for varying bit sizes, thereby allowing the user to choose the complexity of the encryptions. Generally, the larger the key size used, the more complex the algorithm will be to encrypt the data. AES encrypts and decrypts data in 128-bit blocks.
When AES encryption software is properly implemented into a system, its performance typically is secure, efficient, and fast. The operations of the AES encryption software generally make it easy to defend against power and timing attacks. AES encryption software typically performs well in both hardware and software across many platforms and environments. Computer systems protected by AES are usually considered highly secure. These systems typically are password-protected and encrypted using the AES standard.
The US government has declared AES encryption to be secure enough to protect its classified documents at the secret level since June 2003. It is generally believed that only side-channel attacks are able to break the AES encryption on certain implemented systems. Side-channel attacks do not attack the cipher itself; instead, it attacks certain implementations of the cipher on systems that happen to leak information; in this instance, the AES security itself is not being attacked.
In July of 2009, a related-key attack was reported on the 192 and 256 AES software versions. Also, in November 2009, a known-key distinguishing attack was reported on the AES 128 version. While these attacks are hard to accomplish because they must be done at a faster speed than brute-force attacks, certain implementations were found on the systems where the attacks occurred.