
Understanding AES encryption to ensure the security of your data


By Jennifer Montérémal

Published: October 28, 2024

When it comes to data encryption, AES (Advanced Encryption Standard) remains unquestionably one of the most secure and widely used systems in the world. In fact, it has become a standard for the US government.

But what lies behind this acronym?

To understand why this technology remains infallible, we need to understand how it works, and how it compares with other encryption systems.

Our article reveals the secrets of AES, so that you have all the (encryption) keys in hand to ensure the protection of your sensitive information.

What is AES encryption?

What is data encryption?

To understand AES encryption, let's take a quick look at the benefits of data encryption.

It's a process whose aim is to secure your information by "scrambling" it to make it incomprehensible to uninvolved parties. To achieve this, an encryption algorithm is used. Only those who possess the associated encryption key will then be able to unlock the system to read the data.

Vocabulary point:

  • The encryption key 👉 This is the secret used to decrypt the message. While for a long time keys took the form of codes, sentences or encryption machines, modern cryptology uses data encoded in binary form.
  • Block cipher 👉 This method involves breaking up the information to be encrypted into blocks of the same size (64 or 128 bits, for example). Encryption is then performed block by block.
  • Stream cipher 👉 This technology processes data of different lengths, without splitting them up.
  • Symmetrical cryptography 👉 This involves encrypting and decrypting information using the same encryption key. This system is fast, as it requires fewer resources and calculations than asymmetrical cryptography.
  • Asymmetrical cryptography 👉 In this case, two different keys are required:
    • the public key, to encrypt the data,
    • the equivalent private secret key, to decrypt the same data.


The arrival of AES encryption

AES encryption was created when the NIST (National Institute of Standards and Technology) decided to find a successor to DES (Data Encryption Standard). DES, the symmetric encryption standard in force at the time, was deemed too vulnerable to attack and not flexible enough.

So in 1997, a competition was launched for cryptology researchers to come up with a new symmetric key encryption system.

Rijndael won the competition in 2000, and the AES standard was launched.

AES encryption: how it works and special features

  • AES encryption is a royalty-free standard. It can therefore be used freely, without the need for a patent.
  • It is symmetrical, like DES encryption.
  • It is a 128-bit block cipher. This means that 128-bit blocks are transformed into encrypted blocks of the same size.
  • AES encryption supports different key sizes: 128, 192 or 256 bits. The number of rounds (passes of the transformation sequence applied to each block) depends on the key size:
    • 10 for 128 bits,
    • 12 for 192 bits,
    • and 14 for 256 bits.

☝️ The encryption key sizes of the AES standard are so large that it is impossible to break the system through an exhaustive search. What's more, security increases exponentially with key size. The 256-bit key, for example, offers an astronomical 2^256 possible combinations.

Even with a multitude of super-powered computers, cracking a 256-bit AES key would take longer than the supposed age of the universe!

Advantages of AES encryption

Beyond the guaranteed high level of security, AES encryption offers other advantages:

  • Fast processing and high performance 👉 the AES system can quickly encrypt and decrypt large amounts of data.
  • Low resource and memory requirements 👉 the AES algorithm can therefore be used for consumer devices such as laptops.
  • Wide range of implementation options 👉 on hardware or software.

Which is the best encryption algorithm?

AES VS DES

The DES standard uses 64-bit blocks and keys of the same size. This means there are 2^64 possible key combinations to test, or 16,000,000,000,000,000,000.

But even with this imposing number, this technology has proven to be fallible. Indeed, computer power has increased steadily over the decades and, in 2012, a system was designed that could crack a DES key in 26 hours.

DES encryption is therefore not completely secure, even if it is still used today.

AES encryption has never been cracked. It remains perfectly secure by today's standards.

AES VS RSA

The RSA encryption algorithm is an asymmetric encryption system. It is the most widely used standard alongside AES encryption.

This system is highly secure, since the public key is the product of multiplying large prime numbers together. Only this product, with a length of 1024, 2048 or 4096 bits, is made public.

So why use one encryption technology more than the other?

  • First of all, RSA encryption is much more computationally intensive. Consequently, it is used to encrypt smaller amounts of data.
  • On the other hand, AES is more secure than RSA for the same bit size. Cracking RSA does not involve brute-force attacks, as is the case with AES. Instead, you have to factor the modulus into prime numbers and derive them yourself, which is much more feasible.

However, the asymmetrical property of RSA encryption makes this system advisable in certain situations, notably when the two end points for data exchange are geographically distant: information can transit between these two points, without anyone caring who intercepts it in the meantime.

At the end of the day, it is the use case, more than the level of security, that determines the choice of one standard or the other.

☝️ This is why the two technologies are often combined. Today, most data is encrypted using the faster and more secure AES encryption. But to pass on the AES key needed for decryption, the sender often uses RSA.
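The combination described above, as an added example that is not part of the original article: the data is encrypted with a one-time AES-256 key, and only that 32-byte key is encrypted with the recipient's RSA public key. It uses Node.js's built-in crypto module; the function names, the GCM mode and the OAEP padding are choices made for this illustration.

```javascript
// Added example, not from the article: AES-256-GCM for the data, RSA-OAEP for the key.
const { generateKeyPairSync, randomBytes, createCipheriv, createDecipheriv,
        publicEncrypt, privateDecrypt, constants } = require("node:crypto");

// RSA padding settings used for wrapping the AES key (assumption of this example).
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Sender: encrypt the bulk data with a fresh AES key, then wrap that key with RSA.
function hybridEncrypt(recipientPublicKey, plaintext) {
  const aesKey = randomBytes(32);   // 256-bit key, used for this message only
  const iv = randomBytes(12);       // 96-bit GCM nonce, never reused with the same key
  const cipher = createCipheriv("aes-256-gcm", aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return {
    wrappedKey: publicEncrypt({ key: recipientPublicKey, ...OAEP }, aesKey),
    iv,
    ciphertext,
    tag: cipher.getAuthTag(),       // lets the recipient detect any modification
  };
}

// Recipient: recover the AES key with the RSA private key, then decrypt the data.
function hybridDecrypt(recipientPrivateKey, msg) {
  const aesKey = privateDecrypt({ key: recipientPrivateKey, ...OAEP }, msg.wrappedKey);
  const decipher = createDecipheriv("aes-256-gcm", aesKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  // final() throws if the ciphertext or tag was altered
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
}

// Constructed demo: 100 kB of sample data, far more than RSA-2048 can encrypt directly.
function demo() {
  const { publicKey, privateKey } = generateKeyPairSync("rsa", { modulusLength: 2048 });
  const data = Buffer.alloc(100000, "A");
  const msg = hybridEncrypt(publicKey, data);
  const roundTrip = hybridDecrypt(privateKey, msg).equals(data);

  msg.ciphertext[0] ^= 1;           // flip one bit to simulate tampering in transit
  let tamperDetected = false;
  try { hybridDecrypt(privateKey, msg); } catch { tamperDetected = true; }

  return { roundTrip, wrappedKeyBytes: msg.wrappedKey.length, tamperDetected };
}
```

RSA only ever processes the 32-byte AES key here, which is why the slower algorithm does not limit how much data can be protected.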

How can AES encryption be used in practice? Examples of software

Password managers

Many password management programs use AES encryption. This makes it possible to secure the data contained in digital safes.

🛠️ LastPass, for example, uses 256-bit AES encryption to protect user data. All users have to do is create an account with an e-mail address and a secure master password to generate a unique encryption key. After verification, this key is used to decrypt the safe locally. As a result, even LastPass employees have no access to the data it contains.
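The general pattern of a vault unlocked locally from a master password, as an added example that is not LastPass's code: the 256-bit AES key is derived from the master password and never stored, so whoever holds only the stored blob cannot read it. The use of PBKDF2, the iteration count, the random salt and the function names are assumptions made for this illustration.

```javascript
// Added example, not from the article or from any product's code base.
const { pbkdf2Sync, randomBytes, createCipheriv, createDecipheriv } = require("node:crypto");

// Assumed work factor for this illustration; real products publish their own settings.
const ITERATIONS = 600000;

// Stretch the master password into a 256-bit AES key. The salt is not secret.
function deriveKey(masterPassword, salt) {
  return pbkdf2Sync(masterPassword, salt, ITERATIONS, 32, "sha256");
}

// Encrypt the vault on the user's device. Only the returned blob is stored or synced:
// it contains neither the master password nor the derived key.
function lockVault(masterPassword, entries) {
  const salt = randomBytes(16);
  const iv = randomBytes(12);
  const cipher = createCipheriv("aes-256-gcm", deriveKey(masterPassword, salt), iv);
  const data = Buffer.concat([cipher.update(JSON.stringify(entries), "utf8"), cipher.final()]);
  return { salt, iv, data, tag: cipher.getAuthTag() };
}

// Decrypt locally. A wrong password yields a wrong key, the GCM tag check fails,
// and the function returns null instead of garbage.
function unlockVault(masterPassword, blob) {
  const key = deriveKey(masterPassword, blob.salt);
  const decipher = createDecipheriv("aes-256-gcm", key, blob.iv);
  decipher.setAuthTag(blob.tag);
  try {
    const plain = Buffer.concat([decipher.update(blob.data), decipher.final()]);
    return JSON.parse(plain.toString("utf8"));
  } catch {
    return null;
  }
}
```

With this design the strength of the vault depends on the master password as much as on AES itself, since guessing the password is the only practical way to reach the key.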

VPNs

VPNs also use encryption keys. In fact, their operation requires the encryption of data circulating between private computers and their servers. This guarantees online anonymity and protection against brute force.

🛠️ NordVPN, for example, uses AES technology with 256-bit keys to make users' data unreadable, even to governments (they may be entitled to request it from ISPs!) or hackers.

File-sharing software

With digital transformation, dematerialization and the new uses that go with it (telecommuting, for example), more and more professionals are using this type of software to exchange files. And some of these files, such as medical records, may contain sensitive data. This is why these solutions often use the AES standard.

🛠️ WeSend, for example, can receive and send large files. To secure the contents, it uses 256-bit AES technology. This makes the information indecipherable for the servers through which it passes.

Understanding data encryption to ensure your security

Encryption systems have been around for a long time, but new consumer habits have made them an essential issue for both professionals and private individuals. Witness the emergence of VPNs, password management software and other file-sharing tools.

The result?

Faced with security promises (sometimes couched in technical jargon incomprehensible to the uninitiated), it's time to take a closer look at the technologies available. The aim: to make an informed choice of the encryption solutions best suited to your information protection needs.

But one thing is certain: AES encryption is still a safe bet when it comes to today's technologies.

Article translated from French