Advanced Encryption Standard (AES)
AES encryption, which is also called FIPS 197, refers to a process of encryption of sensitive electronic data utilizing an approved 128-bit, 192-bit, or 256-bit symmetric encryption algorithm. It is usually used as an encryption scheme for protecting confidential government information and is considered the most secure encryption scheme as of now which is used by US government entities like the National Security Agency (NSA). According to most studies, it would take millions of years to crack even 128-bit encryption. Even though the introduction of quantum computers would ease the process, they would take up to six months for decrypting the said encryption. Before the AES, Data Encryption Standard (DES) was used for encryption but due to its weakness towards brute force attacks, an alternative was considered, for which AES came into light. In DES, a 56-bit key is used to encrypt data while in AES three different lengths of keys are used i.e. 128-bit, 192-bit, and 256-bit. The concrete difference between AES and DES lies in the length of its key bits as more the number of bits, more will be the combinations and more will be the time taken to crack the encryption. For typical 128-bit encryption, the key can have a 3.4 x 1038 combination, for 192-bit encryption, 6.2 x 1057 combinations and for 256-bit, 1.1 x 1077 combinations. It can be seen that the increase in the number of bits used for encryption is directly proportional to the security of the data.
The Advanced Encryption Standard commonly known as AES was developed by Morris Dworkin, Elaine Barker, James Nechvatal, James Foti, Lawrence Bassam, Edward Roback, and James Dray Jr., and was published on Nov. 26, 2001, which was adopted by the U.S. government in 2002. The Standard is published and maintained by National Institute for Standards and Technology (NIST). During a preliminary submission of AES in its development phase, fifteen competing symmetric algorithms were designed and subjected to analysis by the world cryptographic community. In August 1999, NIST sorted five algorithms for extensive analysis -
MARS, submitted by IBM Research.
RC6, submitted by RSA Security.
Rijndael, submitted by two Belgian cryptographers, Joan Daemen and Vincent Rijmen.
Serpent, submitted by Ross Anderson, Eli Biham and Lars Knudsen.
Twofish, submitted by a large team of researchers from Counterpane Internet Security, including noted cryptographer Bruce Schneier.
The above listed algorithms were tested tremendously in American National Standards Institute (ANSI), C and Java languages for speed and reliability in the encryption and decryption processes, key and algorithm setup time, and resistance to various attacks, both in hardware and software centric systems and after much feedback, discussions and analysis, the Rijndael cipher algorithm was selected as the proposed algorithm for the AES in October 2000.
How Does AES Algorithm Work?
AES encryption uses three block ciphers i.e. 128-bit, 192-bit and 256-bit. It encrypts data in blocks of bits rather than bit-by-bit. Each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128 bit, 192 bit and 256 bit respectively.
AES uses symmetric ciphers, which means that there will be only one common key for both encryption and decryption. That means that the sender and receiver of the message will have the same key. The plain text i.e. the message will be first encrypted using the said key and is converted into the ciphertext. It is then sent to the receiver, where the same cipher key is used to decrypt the ciphertext and get the real message or information from the ciphertext. As we already know different key lengths are used in encryption using the AES, the confidentiality level of the secret information can decide which key length will be used. The information of top-secret level generally uses 192-bit or 256-bit key length, otherwise 128-bit key length encryption is used.
8-Step Encryption Process for AES
1. Dividing Data Into Blocks
AES is a block cipher. Each of these blocks contains a column of 16 bytes in a layout of four-by-four. As one byte contains 8 bits, we get 128-bit block size, (16×8=128). Thus, the first step is to divide the plain text into these blocks. So, let’s take a plain text “better late than never” as our exemplary plain text, which is to be encrypted using the AES. This plain text will be converted into an array, which is as follows.
2. Key Expansion
This is the second and is a very important step in AES encryption. It produces 128-bit round keys with the help of Rijndael’s key schedule, as mentioned above. Now, let’s say our key is “extraterrestrial” which will be in the following manner:
Now, after applying Rijndael’s key schedule the same key phrase will look like a pair of jumbled characters and will probably look like this:
3. Adding Round Key
Adding a round key is the first round of AES encryption. In this step, the said algorithm adds the initial key (“extraterrestrial”) to our message phrase (“better late than”) which was converted into a 4x4 block.
The AES uses binary code in the background. So the result which comes up after adding two blocks of text, which seems to be impossible, is a result of binary code which is running at the back end. The result will be as follows.
4. Byte Substitution
In this step, every byte is substituted with a code, according to a pre-specified table called the Rijndael’s S-box which is as follows:
Every Bye has code to be substituted and the resulting block will look like this:
5. Shifting Rows
In this step, the algorithm shifts the rows of the block which we get after substitution to add more complexity to the encryption. The first row remains unchanged, however, the second row gets shifted to the left by one byte and the third row to the left by two bytes. Subsequently, the last rows get shifted to the left by three bytes and the resulted block will look like this:
6. Mixing Columns
This is a complicated step that involves multiplying each column in the block produced after shifting rows, with a predefined matrix. For the sake of simplicity let’s assume, the background maths is done and the resulting block will look like this:
7. Adding Round Key
In this step, we add the round key which was obtained during the key expansion section, to the block which we get after the column mixing step. The result will be as follows:-
8. Rinse And Repeat
After adding round keys, the resulting block will undergo a series of many more rounds of the above-described step like Byte substitution, shifting rows, mixing columns, and adding round keys. The number of identical rounds the data goes through depends on the AES key length -
128-bit key: 9 rounds; 192-bit key: 11 rounds; and for 256-bit key: 13 rounds.
In this way, the AES encrypts confidential data which is impossible to crack by the present technology. The resulting ciphertext is so complicated that it will be very complex to crack without the cipher key. That is why it is very much reliable by various government institutions to use this standard.
Use Cases of AES
Complex encryption and decryption, high security and reliability, cost-effectiveness due to nonexclusive and royalty-free releasing, and implementation on both hardware and software make AES favorites among various industries and their products across the globe. It is used to encrypt both static and dynamic data in many of today’s electronic devices, and is preferred in many devices and networks -
BES10 CLoud Solution by Blackberry uses AES technology.
Intel Xeon and Intel Core processor family uses AES technology to secure data.
Sony’s FeliCa Standard IC Card supports AES encryption technology.
Toshiba’s USB Flash drives have AES encryption support.
Commvault uses AES in their software encryption.
256-bit AES encryption in Crucial MX500 SATA SSD.
256-bit encryption in TCG-opal compliant Samsung 860 EVO SSD.
256-bit AES encryption in Whatsapp.
256-bit encryption in Google Cloud.
Microsoft’s Windows Bitlocker uses 128-bit and 256-bit encryption.
Patent Analysis & Patent Application Trends
We have already discussed the technical aspects of AES about what it is, its history, and how it works. Now let’s discuss the trends in this technology. There are about 21,216 patents that refer to Advanced Encryption Standard (AES) among which 15,551 patents are alive and 5665 are dead patents
The below graph shows the trend of patent applications filed from the past 20 years, i.e. between 2001-2021. As the technology evolved, the highest number of patents were filed in the year 2017.
A third world war, if one were to occur, would be fought with data as much as with ammunition. All countries have confidential data which they don't want to disclose to the world. Moreover, cybersecurity is a growing concern for all countries. Even though AES is a valuable asset for protecting sensitive data but with the evolution of technology, the day is not so far when cracking even AES encryption will be easy.
Copperpod provides IP consulting services such as Source Code Review, Infringement Claim Charts, Prior Art Search, Reverse Engineering and advises clients on patentability to give a clear picture of the state of the art to navigate away from the potential prior art and monetize IP assets.