What is AES? Advanced Encryption Standard explained

Anton P. | September 15, 2023

What is AES, and what part does it play in VPN functionality? AES, or Advanced Encryption Standard, is the algorithm used to encrypt and decrypt internet traffic.

Of course, providers can power up the encryption process through other methods. However, seeing AES among the most preferred encryption algorithms is canon. The biggest benefits of AES are its security, compatibility, and performance.

So, let’s discuss what you get with a VPN that protects your data with AES.

Learn about AES algorithm and how secure it is.

What is the AES encryption method?

Advanced Encryption Standard (AES) is a symmetric encryption algorithm using the same key to encrypt and decrypt data. It turns plain text into a code only the intended recipient can read.

To this day, the AES algorithm is one of the most trusted encryption strategies. Many government institutions across the world depend on it to protect sensitive data.

It emerged as a more robust way to protect top-secret information. The National Institute of Standards and Technology (NIST) intended the encryption technique to be less vulnerable to brute force attacks.

Experts state that the AES encryption algorithm is more mathematically efficient than predecessors like the Data Encryption Standard (DES). Another one of the AES strengths is its varying level of security or the options for its key lengths.

Upgrade to AtlasVPN Premium

How AES encryption works

AES is a symmetric block cipher applying the same key for encryption and decryption. As we directly discuss encryption, it is crucial to define the general concept:

Encryption is a mathematical process converting plain text (for example, what you write) into ciphertext (code representing what you wrote). Different algorithms can drive this process, and AES is one of them.

  • The AES algorithm deals with data in smaller blocks instead of all at once.
  • This encryption method also uses multiple encryption rounds. The more rounds take place, the more secure data becomes. These processes relate to the substitution-permutation network.
  • The number of rounds depends on the key length selected. AES offers keys sized at 128, 192, and 256 bits. The 256-bit key length is the most robust and applies the highest number of rounds.
  • The 128-bit key performs ten rounds, while the 192-bit key uses 12. The 256-bit key uses 14 rounds.
  • Rounds consist of multiple processes: substitution, shifting, mixing, and further encryption.
  • Substitution is the process of turning plain text into the encrypted form based on the selected cipher.
  • Shifting rows means that all rows get shifted by one (the first row remains unchanged).
  • Mixing uses the Hill cipher to jumble the columns. It stops someone from shifting rows back to decrypt the data.
  • Further encryption refers to the portion of the encryption key encrypting the data block.

Which key length is enough to protect data?

The longer the key, the more robust AES encryption is. In many use cases, AES-128 is enough to protect users’ data. However, some instances do require higher levels of protection. Then, AES-192 or AES-256 options are the most suitable for highly sensitive data stored.

More on AES encryption types

The three AES types are the key length options you choose:

  • AES-128 represents the 128-bit key length. It applies ten encryption rounds, resulting in 3.4 x 10^(38) combinations.
  • AES-192 is the 192-bit key length, performing 12 encryption rounds. It has 6.2 x 10^(57) combinations.
  • AES-256 offers a 256-bit key length. It has 14 encryption rounds and 1.1 x 10^(77) possible combinations.

AES vs. RSA encryption

The AES vs. RSA encryption illustrates the difference between asymmetric and symmetric encryption. AES uses the symmetric type, which means one key is for encryption and decryption.

However, like other asymmetric encryption methods, RSA uses one key for encryption and another for decryption.

On paper, AES and RSA are secure options for securing information. Nonetheless, they do tend to fit in some roles more than others.

  • AES is much more suitable for handling large amounts of encrypted data. Its speed is also one of its trump cards.
  • RSA is highly suitable for secure key exchange and digital signatures. Browsers and email providers also commonly use it.
  • AES shines best in file encryption, Wi-Fi security, bulk data encryption, and secure communications.
  • RSA shows its strengths in authentication, SSL/TLS handshakes, and digital signatures.

Can someone crack AES encryption?

AES stands strong and has never been cracked. Current computing power would take millions of years to pose a threat to encrypted information. So, no brute-force attacks have the resources to break AES.

However, experts have indicated one possible attack path. It refers to non-secure systems that leave opportunities for attackers to discover how the encryption algorithm works. Thus, while AES is highly robust, the entities applying it must provide a stable implementation.

AES encryption in your daily life

Understanding AES encryption and its processes requires some technical how-to. However, you encounter AES encryption more than you know. For one, WhatsApp and other instant messaging services protect your messages using AES.

If you use Atlas VPN already, you also encounter AES. AES-256 is the encryption algorithm protecting your data. So, you can rest assured that data becomes virtually uncrackable.

Anton P.

Anton P.

Former chef and the head of Atlas VPN blog team. He's an experienced cybersecurity expert with a background of technical content writing.



© 2023 Atlas VPN. All rights reserved.