knowledge/technology/cryptography/AES.md

---
obj: concept
wiki: https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
---

# AES
The Advanced Encryption Standard (AES) is a widely adopted symmetric encryption algorithm used to secure sensitive data. It was established as a standard by the U.S. National Institute of Standards and Technology (NIST) in 2001, following a public competition to select a successor to the Data Encryption Standard (DES). AES is known for its efficiency, security, and versatility, making it a popular choice for various applications, including data encryption, secure communications, and cryptographic protocols.

## Key Features
### 1. **Symmetric Encryption**
AES is a symmetric encryption algorithm, meaning the same key is used for both encryption and decryption. This key is kept secret between the communicating parties.

### 2. **Block Cipher**
AES operates on fixed-size blocks of data, encrypting and decrypting data in blocks of 128 bits. It supports key sizes of 128, 192, or 256 bits.

### 3. **Key Expansion**
The key expansion process in AES generates a set of round keys derived from the original key. These round keys are used in the multiple rounds of encryption and provide a high level of security.

### 4. **Rounds of Encryption**
AES performs a series of transformations known as rounds. The number of rounds depends on the key size: 10 rounds for a 128-bit key, 12 rounds for a 192-bit key, and 14 rounds for a 256-bit key.

### 5. **Substitution-Permutation Network (SPN) Structure**
AES employs an SPN structure, combining substitution (replacing each byte with another) and permutation (rearranging bytes) operations to achieve confusion and diffusion, enhancing the algorithm's security.

## Encryption Process
1. **Key Expansion:** Generate a set of round keys from the original key.
2. **Initial Round:** Add the initial round key to the plaintext.
3. **Main Rounds:** Perform a series of substitution, permutation, and mixing operations for the specified number of rounds.
4. **Final Round:** The final round excludes the mixing operation.
5. **Output:** The result is the ciphertext.

## Decryption Process
1. **Key Expansion:** Generate the round keys from the original key.
2. **Initial Round:** Add the initial round key to the ciphertext.
3. **Main Rounds:** Perform the inverse operations of the encryption process in reverse order.
4. **Final Round:** The final round excludes the mixing operation.
5. **Output:** The result is the decrypted plaintext.

## Strengths of AES
- **Security:** AES has withstood extensive cryptanalysis and is considered highly secure when implemented correctly.
- **Efficiency:** It is computationally efficient and well-suited for both hardware and software implementations.
- **Versatility:** AES is used in various applications, including securing data at rest, data in transit, and cryptographic protocols like TLS.

## Variants of AES
- **AES-128:** Uses a 128-bit key and 10 rounds of encryption.
- **AES-192:** Uses a 192-bit key and 12 rounds of encryption.
- **AES-256:** Uses a 256-bit key and 14 rounds of encryption.

## Usage
One can use AES with [OpenSSL](OpenSSL.md) or [GPG](GPG.md):

### OpenSSL
Encrypt:
```shell
openssl enc -aes-256-cbc -salt -in plaintext.txt -out encrypted_file.enc
```

Decrypt:
```shell
openssl enc -aes-256-cbc -d -in encrypted_file.enc -out decrypted_file.txt
```

### GnuPG
Encrypt:
```shell
gpg -c --cipher-algo AES256 file.txt
```

Decrypt:
```shell
gpg -d file.txt.gpg -o decrypted_file.txt
```
init 2023-12-04 10:02:23 +00:00			`---`
			`obj: concept`
update 2024-05-31 12:58:32 +00:00			`wiki: https://en.wikipedia.org/wiki/Advanced_Encryption_Standard`
init 2023-12-04 10:02:23 +00:00			`---`

			`# AES`
			The Advanced Encryption Standard (AES) is a widely adopted symmetric encryption algorithm used to secure sensitive data. It was established as a standard by the U.S. National Institute of Standards and Technology (NIST) in 2001, following a public competition to select a successor to the Data Encryption Standard (DES). AES is known for its efficiency, security, and versatility, making it a popular choice for various applications, including data encryption, secure communications, and cryptographic protocols.

			`## Key Features`
			`### 1. Symmetric Encryption`
			`AES is a symmetric encryption algorithm, meaning the same key is used for both encryption and decryption. This key is kept secret between the communicating parties.`

			`### 2. Block Cipher`
			`AES operates on fixed-size blocks of data, encrypting and decrypting data in blocks of 128 bits. It supports key sizes of 128, 192, or 256 bits.`

			`### 3. Key Expansion`
			`The key expansion process in AES generates a set of round keys derived from the original key. These round keys are used in the multiple rounds of encryption and provide a high level of security.`

			`### 4. Rounds of Encryption`
			`AES performs a series of transformations known as rounds. The number of rounds depends on the key size: 10 rounds for a 128-bit key, 12 rounds for a 192-bit key, and 14 rounds for a 256-bit key.`

			`### 5. Substitution-Permutation Network (SPN) Structure`
			`AES employs an SPN structure, combining substitution (replacing each byte with another) and permutation (rearranging bytes) operations to achieve confusion and diffusion, enhancing the algorithm's security.`

			`## Encryption Process`
			`1. Key Expansion: Generate a set of round keys from the original key.`
			`2. Initial Round: Add the initial round key to the plaintext.`
			`3. Main Rounds: Perform a series of substitution, permutation, and mixing operations for the specified number of rounds.`
			`4. Final Round: The final round excludes the mixing operation.`
			`5. Output: The result is the ciphertext.`

			`## Decryption Process`
			`1. Key Expansion: Generate the round keys from the original key.`
			`2. Initial Round: Add the initial round key to the ciphertext.`
			`3. Main Rounds: Perform the inverse operations of the encryption process in reverse order.`
			`4. Final Round: The final round excludes the mixing operation.`
			`5. Output: The result is the decrypted plaintext.`

			`## Strengths of AES`
			`- Security: AES has withstood extensive cryptanalysis and is considered highly secure when implemented correctly.`
			`- Efficiency: It is computationally efficient and well-suited for both hardware and software implementations.`
			`- Versatility: AES is used in various applications, including securing data at rest, data in transit, and cryptographic protocols like TLS.`

			`## Variants of AES`
			`- AES-128: Uses a 128-bit key and 10 rounds of encryption.`
			`- AES-192: Uses a 192-bit key and 12 rounds of encryption.`
			`- AES-256: Uses a 256-bit key and 14 rounds of encryption.`

			`## Usage`
restructure 2024-01-17 08:00:45 +00:00			`One can use AES with [OpenSSL](OpenSSL.md) or [GPG](GPG.md):`
init 2023-12-04 10:02:23 +00:00
			`### OpenSSL`
			`Encrypt:`
			```shell
			`openssl enc -aes-256-cbc -salt -in plaintext.txt -out encrypted_file.enc`
			```

			`Decrypt:`
			```shell
			`openssl enc -aes-256-cbc -d -in encrypted_file.enc -out decrypted_file.txt`
			```

			`### GnuPG`
			`Encrypt:`
			```shell
			`gpg -c --cipher-algo AES256 file.txt`
			```

			`Decrypt:`
			```shell
			`gpg -d file.txt.gpg -o decrypted_file.txt`
			```