Disclosure: Privacy Australia is community-supported. We may earn a commission when you buy a VPN through one of our links. Learn more.

What is AES Encryption & How Does it Work?

By Will Ellis

Last Updated on January 2, 2024

Data is transferred on the web all the time. From one place to the next, data has to pass through a network of obstacles, doing so to make connections and log into the next.

To secure data in transit, one of the methods still widely used today is encryption, which makes data unreadable.

Below, we’ll take a further look at AES encryption and dive into how it works.

We’ll also discuss security issues that can come from using AES encryption, along with other measures you can take to secure your time online.

Table of Contents:

What is AES
How Does AES Work
What’s the Point of AES’s Complicated Process
Why So Many Repetitions
More Repetitions = More Security
Decrypting AES: Is It Possible
128, 192, and 256: The Difference in Bit
AES Security Issues
Is AES a Standalone Protection

What is AES? 🔒️

Encryption has been around for some time now, working to make it more difficult for cybercriminals to access data. Previous versions were effective, though the world of the web evolves rapidly. The older version would change each letter in a sentence, creating weird and unreadable texts.

As time went on, the cybercriminals of the world began to better understand certain techniques, able to crack codes more easily than before. Once they figured out how encryptions work, they were no match for their skills, leading cybersecurity pros back to the drawing board.

Many other attempts have been made to create encryptions that are impossible to hack, none have been as advanced and as uncrackable as AES encryption. That’s how the Advanced Encryption Standard (AES) was developed, a faster and more secure form of encryption than ever before.

These days, it’s used in a number of apps like WhatsApp and Signal, just to name a few. With an expanding attack surface and the increasing severity and cost of data breaches, it’s used as a standard for online security, and here is a look at how it works.

How Does AES Work? ➡️

AES works by putting data through a series of transformations that eventually renders it unreadable.

It can be a complicated process, though we’ve summarized it in a way that’s pretty simple to understand.

Before data is passed from one place to another, here is how AES encryption secured it.

Blocking Up Data

Information that is in plain, readable text first gets divided into blocks. The number of blocks that the data gets divided into has to do with the block size used. AES encryptions have three-byte sizes, 128. 192, and 256.

The size of the blocks will determine how each letter is separated and broken down, leaving data readable but organized a little differently.

Key Expansion

Once the data is in a neat block; key expansion changes it into a completely different set of letters and numbers. This is the first key change of the process, where data will already look much different than it did in the beginning. They are meant to look like random characters though there is some method to the madness.

XOR Cipher

With the initial data and the new key set in place, both are added together using an algorithm known as XOR cipher. This algorithm is a complicated binary equation that is done with help from advanced algorithms, adding both tables together and coming out with the result of the two added together.

Substitution

Unlike other encryptions in the past, AES works to defy logic and randomize tables and keys. In substitution, each byte is substituted by the two previous tables, using the algorithm as a guide.

The end result is a mix-up of the key in a particular way as determined by the algorithm, and is undecipherable without some complicated math and a bit of lucky guessing.

Shifting Rows

Still, in table form, the rows of the tables are moved, with some scooting over one and others more. Typically, the second row shifts one row to the left, the third two rows to the left, and the fourth row three spaces to the left. This is not the end of the jumbling, with more complicated combos to come.

Mixing Columns

Using a complex equation, all of the columns are assigned a number and jumbled around accordingly. The end result is yet again much different than the initial input, making it more complicated to decipher.

Back to the Key

The key that was used in the start to create the second table is used here to fill in the input according to the key. With all of the rows and columns in different places, the key is used to further jumble everything up.

Repeat, And Repeat

That is not nearly the end of it. At this point, the result of the steps mentioned above goes through another round, and another, and possibly another depending on the byte used. Each round helps to make the input more difficult to decipher, making data not only unreadable but also uncrackable.

The number of rounds that input will go through is determined by the bit, with 128-bit keys going 9 rounds, 192-bit going 11 rounds, and 256-bit going 13. Once all of the steps are finished and the repetitions are done, there is one last round, though the column mixing step is left out.

The End Result

The end result is meant to look nothing like the initial input. It’s meant to appear as an unreadable string of characters that were just randomly placed together. However, that’s not the case.

The process is highly precise and will mix and match according to the steps mentioned above before the end result. All of the mathematical operations are repeated over and over, giving rise to something completely different than the original input.

What’s the Point of AES’s Complicated Process?

Securing data is a big deal, one that many cybersecurity experts are out to tackle. Though it might seem like too complicated of a process, there is a reason why data undergoes so many steps and rounds.

Take key expansion for example, without it, AES would be much easier to crack, using the same key throughout each round. Because expansion is constantly changing the key with each round, it can be difficult to decipher if data is intercepted, which is exactly what cybersecurity pros want.

Substitution of the input that changes all of the data points is also part of the reason why AES encryption is one of the strongest forms of online security. In substitution, data is jumbled in a non-linear way, which helps to diminish any traces of a relationship between the encrypted input and the original.

Shifting and mixing too works to make things undecipherable. By completely changing and transposing data, shifting rows and mixing columns, and repeating it multiple times, the input is nothing like what it was before.

The ability to completely change data and transform it into something that makes no sense and follows no logical pattern is key to adding confusion, preventing decryption.

Why So Many Repetitions?

Unless you’ve tried to hack an encryption yourself, you might not have known how to even begin. The reason why some of the older and more traditional encryptions were so simple to hack is that they were predictable. Hackers could pour over the encryption and use brute force to try and guess passcodes to decipher them.

The more predictable encryptions were, the easier it became to decipher data. That’s why each round is meant to change things up even further, using help from mixing and keys to create a code that’s difficult to understand.

In recent years, hackers have been able to try methods to decrypt data using the help of software. Unlike previous tactics that require lots of time and effort from cybercriminals, the software can allow hackers to set up a shortcut attack and sit back while encryptions attempt.

Since these attacks require minimal effort and are increasing in sophistication, encryptions needed an upgrade that would help them stand up to the threat.

More Repetitions = More Security? 💡️

A lot of users looking to understand how their data is encrypted and protected ask one simple question, why not add more rounds?

While that is a legit question, there is a reason why there are not 50 rounds or 100 rounds added to data in transit.

Among the main reasons is performance, as a computer will need a lot of power to make connections.

These days, developers are pressured to keep things running as fast as possible, using all the methods they can to ensure that data goes from one place to the next both safe and protected.

The web is a place that thrives on speed, with a push for connections and protections that can act rapidly in real-time.

While some of the encryptions are not 100% safe from cybercriminals, it will take much more time and effort to decipher, putting cybersecurity ahead of the race.

Decrypting AES: Is It Possible? 🔎️

It can be pretty difficult to encrypt something, especially with the tactics that cybersecurity pros are using today. Though AES decryption goes through multiple rounds of complex mixing and switching to keep data safe, it is not 100% hack-proof, something that all users should know.

In the most basic explanation we can give, turning encrypted data into readable data is done in a similar fashion, just in reverse. Hackers know this and can run the same sort of scheme when they are attempting to decipher data. A typical inverse would look something like this:

– Inverse round keys

– Inverse shift rows

– Inverse substitutions

After all of these, the process continues and the end result after the appropriate number of rounds will lead cybercriminals to the original data. Now, this is a simplified explanation, as the process of deciphering can take time and skill. Not only do hackers need to know the bit but they also need to have extensive knowledge of how encryptions work.

These are not in short supply, which is why layering up on protection is recommended. We’ll get to some suggestions on that further down but before we do, here is a look at key lengths and what they mean for encryptions.

128, 192, and 256: The Difference in Bit

When you see the numbers 128, 192, and 256 in front of -bit, you might not know what that means. Not only does it have to do with key length, but it also has to do with the number of rounds that each one goes before finalizing encryptions. The typical distribution looks like this:

– 128-bit 10

– 192-bit 12

– 256-bit 14

The higher byte that is used for encryption, the more rounds of encryption have to take place and, in turn, the more difficult it can get to decipher code. Still, a lot of individual users and some companies that bank on encryption choose to use 128-bit, as it’s more than sufficient for practical purposes.

Typically, the higher bytes like 192 and 256 are reserved for highly secure entities, including military documents and more. Those that are looking for extra security could invest in higher encryption, as they are available and becoming more affordable.

AES Security Issues 🔓️

Just because it is meant as a prevention measure to keep data secure doesn’t mean that AES is 100% secure. Hackers are always one step ahead, poking and prodding the latest security techniques in an attempt to get around them and get ahold of sensitive data.

Cryptographers really went above and beyond when they developed AES, doing it in such a way that it would be difficult for hackers to crack and constantly changing depending on the type of AES encryption and the number of rounds needed. Security issues have popped up, a few of them including:

Related-Key Attack

Most attacks today are related-key attacks, in which hackers can find a few pieces of the overall puzzle. For example, they may find the number of bits and the mathematical process used by the encryption device.

With each parameter that is known to the hacker, they can get closer to launching a successful attack, intercepting data, and decoding it using their newfound information. To prevent a related-key attack, it’s best to ensure that all protocols are properly put in place.

Known-Key Attack

When cybercriminals already know the key that is involved in an attack, they can take measures to attempt to decipher more complicated keys in the process. Most of the time, these attacks deal with keys that have already been deciphered, using them as a way to learn more about the cipher and attempt to break into new ones in the process.

Side-Channel Attack

There are some instances that occur where websites are leaking information. In this process, attackers will pay close attention to websites in order to find key ways to find a way in and get ahold of sensitive data. While AEs provide a solid defense against a side-channel attack, they can still happen, and in a way that renders information available for attackers.

The key here is finding whether or not information has been compromised and taking proper measures to ensure that it doesn’t happen again. One key misconception is that AES makes things 100% safe, which is far from the truth. Instead, it prevents a particular type of attack, one that can be used to keep data secure.

Is AES a Standalone Protection? 🛡️

While AES has become an essential part of protection, it is not the only thing that can be used to protect a website’s integrity. AES encryption should be used as a part of protection, one that secures the encryption of data and ensures that it is secure no matter where it is being passed to.

AES is a recommended piece of the security puzzle when it comes to keeping sites secure, though it is not the only one nor is it the only thing that one should be concerned with. A few ways to add additional securing include:

Virtual Private Networks (VPNs)

A virtual private network (VPN) is one security measure that’s perfect for securing online accounts. Instead of using a normal browser, VPNs work to hide the IP address, making it difficult to track and see what’s happening with users online. It provides the chance to remain secure and dodge things like ads and tracking that typically come with surfing the web.

Secure Browser

Another way that users can secure their time online includes using secure browsers. There will allow users to search the web without having to deal with annoying pop-up ads or other things that could sacrifice the security of one’s surfing experience.

Using a secure browser is an additional security measure that users can take to add more safety to their online surfing.

Manage Passwords 🔑️

While AES can help encrypt data, there need to be other measures taken by users, ones where it’s more difficult for outsiders to crack. Passwords are the key to any account, granting access as long as credentials are known.

It’s not just about credentials as much as it is about securing one’s accounts, Users should take caution when it comes to creating passwords and logging in. In addition, they should refrain from using the same password or keeping it for an extended period of time, ensuring that it’s not an easy thing to predict.

Be Careful with Email 📧️

Email is one area that’s always targeted, as it comes with minimal security. With the right wording and the right address, hackers can slip past spam, giving them a larger chance to manipulate those that open the emails. Most of these malicious emails contain malicious links, ones that, if clicked, can wreak havoc on a system.

Be sure that, apart from having an up to date and aggressive encryption on your computer, you have a secure email that will filter out everything that you don’t need.

Use Antivirus 🛡️

There are many ways that a hacker can get into your system. That’s why it could be useful to take advantage of an antivirus, using that as a way to ensure that your accounts are protected. There are all kinds of antivirus out there, some of which account for different layers of antivirus. Add one to your current security setup and see what it can do for you.

Use a Monitor

For those that have a more professional presence online, they may want to take things a step further and use an internet monitor. This is a way to see how the connection is going and whether or not uptime is high, though it can also be used to test for CPU.

When looking at the CPU, users can get a glimpse of how things are running and, apart from other security measures, take steps to monitor their connection to make sure everything is working as planned.

In this way, users can have a better idea of their connectivity and performance, while enjoying the fact that they are working and running like a well-oiled machine.

Use Best Practices

If there is one method that’s more effective than the rest, it’s the one that advises you to use best practices. That means paying close attention when visiting websites, being wary of what you click, and making sure that you have a suite of protection with you at all times.

Also, be sure that you never share your info with anyone, keeping everything as safe and secure as possible with help from your safe practices. Though no one is perfect, there are ways that one can keep their connection safe and secure, a few of them which we’ve shared here.

Secure your Most Valuable Asset

One of the main reasons why hackers target data is because it’s valuable. The opportunity to secure data while surfing the web or finding the best connectivity is key to making solid websites where both companies and visitors benefit.

AES encryption has gone through several enhancements, most of which were put there in order to better secure data as it’s making its way across the web.

Without your data encrypted, it would get intercepted and used by those who got ahold of it. It’s up to you to protect it and ensure that, if hackers do get ahold of it, there will be no sensitive information attached along with it.