what is aes encryption

What Is AES Encryption: The Algorithm Explained in 2025

Last update: February 4, 2025

Quick Summary: What Is AES Encryption?
AES encryption is one of the most secure ciphers. It encrypts different types of data to make it impossible for anyone without the decryption keys to access it. With current computers, cracking AES would take about a billion years.

If I had a dollar for every time I’ve mentioned AES encryption in the last three years, I would have a penthouse in Carre d’Or. It’s fundamental to the security of many cloud-based technologies, including the best VPNs. However, the truth is that not many people properly understand what AES encryption is and what it’s capable of.

Here’s the short of it: AES encryption is a highly secure cryptographic algorithm used to encrypt data with a single secret key. It is used to protect sensitive data across different applications for online communication, file storage and networks.

Today, I’ll be exploring the near-fantastic world of AES encryption. I will define it, explore its features and how it works, examine the types that exist and discuss the benefits. If you’ve always been curious about understanding AES encryption and all it entails, this article is for you. 


What Is Advanced Encryption Standard (AES) Encryption?

Advanced Encryption Standard (AES) is a symmetric encryption algorithm that processes data in fixed blocks of 128 bits. To better understand it, we have to define each individual component.

The first is symmetric encryption. This is where a single key is used to encrypt and decrypt data. This means the sender and the receiver of an encrypted message must share the same key to access the message. 

We also have bits, the most basic unit of information in computing (either a 1 or 0). With AES, there are two important bit measurements:

The key length determines the level of security of the encryption. For example, a 128-bit key has 2128 possible combinations. AES supports three different key lengths: 128, 192 and 256 bits, with longer keys providing increased security.

The longer the length, the more secure the encryption — but don’t let that trick you into thinking AES-128 is a pushover. Despite being the smallest cipher, it has more than 3.4 quadrillion potential combinations.

To put that into perspective, if you started counting 3.4 quadrillion at the rate of one number per second, it would take you about 108 million years to finish. That’s roughly twice as long as it’s been since dinosaurs roamed the planet. This is why AES encryption is part of the bedrock of today’s online security.

AES History

AES traces its origins to January 1997, when the U.S. National Institute of Standards and Technology (NIST) held a contest asking the public to present alternatives to Data Encryption Standard (DES), which was quickly being overtaken by technological advancements. 

NIST received 15 viable submissions from 12 countries. In October 2000, a cipher called Rijndael was accepted as the new Advanced Encryption Standard.

Breaking Down AES Encryption Features

AES uses symmetric encryption, large key sizes and open-source code to achieve the impenetrable digital security it’s known for.

For more information on how AES and other symmetric algorithms work together with asymmetric encryption, see our full encryption guide.

Types of AES

AES encryption can be classed into three types based on the length of the cipher keys:

How Does AES Encryption Work?

how encryption works
The AES encryption process converts plaintext into ciphertext.

In short, AES encryption transforms plaintext into ciphertext and back by applying its keys to equal-sized data blocks. The full explanation of how AES encryption works is so intricate that I could pull a muscle just writing about it. I’ll simplify the process without the complicated jargon.

AES uses block ciphers, which means it divides plaintext into 128 blocks before encrypting it. The data within each block is divided into arrays of 4 by 4, or 16 bytes. Each of these 16 bytes contains a further 8 bits, bringing the entire number of bits per block to 128. Therefore, 128 bits of plaintext will produce 128 bits of ciphertext.

Each unit of encrypted data is replaced by a different unit based on the security key used. Since AES is a substitution-permutation cipher, it uses a key expansion process where the initial keys are used to come up with new keys for each round of modification, called round keys.

These round keys are generated over multiple rounds of modifications (10, 12 or 14 rounds, depending on the key size). There are four operations performed repeatedly in the following specific rounds:


AES Decryption

how decryption works
The decryption process follows encryption in reverse.

AES decryption is the process of converting scrambled ciphertext back into readable plaintext. Since it’s a symmetric cipher that uses the same keys for every step, the decryption process is simply the complete reversal of the encryption process I’ve described above.

The decryption process starts with the inverse round key, which is followed by the reversal of every encryption action — from byte substitution and row shifting to column mixing — until the original message is readable again.


How Is AES Encryption Used?

Owing to the high level of security it offers, AES encryption has a wide range of applications:


Benefits of AES

AES encryption has a long list of benefits:


Attacks on AES Encryption

While AES remains one of the most secure encryption standards, no security system is completely invulnerable. Although most of these are academic or theoretical, some known attack vectors include:


How Secure Is the AES Encryption Algorithm?

AES encryption can’t be cracked with brute-force attacks. Even with incredibly powerful hardware, it would take approximately one billion years for a brute-force attack to crack the simplest AES type, AES-128. For comparison, a DES key, which I cover in the next section, can be cracked by modern computers within minutes.

However, that could all change if and when quantum computing comes into play, which is why some virtual private networks are already implementing post-quantum encryption.

Fully implemented AES encryption has never been cracked, as far as we know, and most experts agree that it will continue to be a reliable security option for decades to come. Even the U.S. government has complete confidence in using AES encryption.


AES vs DES

DES (Data Encryption Standard) is an encryption algorithm developed in 1977 that the U.S. government used before replacing it with AES. DES divides any given data into two parts and then works on each part separately using expansion, permutation and substitution.

Expansion is where the input is expanded to a larger size after the duplication or addition of bits in an encryption process. Permutation entails arranging the order of bits based on a fixed rule to contribute to diffusion. Substitution involves replacing bits with other bits through predefined mapping to introduce non-linearity.

DES is no longer widely used because it is less secure. It has a shorter key length of just 56 bits, compared to AES’ minimum of 128 bits. With current processing power, brute-force attacks can crack DES within minutes. Still, it is one of the algorithms that laid the foundation for developing AES.


AES vs RSA

RSA (Rivest-Shamir-Adleman) is an encryption algorithm also developed in 1977 that’s still considered secure. It uses public and private keys to encrypt and decrypt data; the public key is disclosed but the private key remains hidden. The use of different keys makes it an asymmetrical encryption algorithm, unlike AES, which is a symmetric encryption algorithm.

However, compared to the AES algorithm, RSA is slower, especially when dealing with large datasets. Furthermore, the keys used have to be considerably large (up to 4096 bits) for better security, which causes performance issues. That’s why RSA is often used simply to encrypt AES keys, with AES being used for the message itself.

Here’s a comparison table for the three encryption algorithms:

ATTRIBUTE:AESDESRSA
TypeSymmetricSymmetricAsymmetric
Key Lengths128, 192, 256 bits56 bits1,024, 2,048, 4,096 bits
Speed & EfficiencyFast & efficientSlower than AESSlower than AES & DES
Encryption ProcessSubstitution-permutation networkFeistel networkModular exponentiation network
Attack ResistanceHighly secure against brute-force attacks, vulnerable to quantum attacksVulnerable to brute-force attacksVulnerable to quantum attacks
Key ManagementEasy, as it uses only one keyEasiest, as the keys are the shortestMore complex, as it separates keys into public and private

Conclusion: Advanced Encryption Standard (AES)

That’s the black and white of the AES encryption algorithm. It has been the go-to security option for people and institutions, including governments, for more than two decades. Considering that it has never been fully breached, experts agree that it will continue being the preferred choice for the foreseeable future.

The biggest concern regarding AES encryption lies in the potential threat of quantum computing. With bigger and faster processors rapidly being developed, AES could be rendered obsolete sooner than expected. However, AES-256 has stood up to quantum attacks so far, so we might still be using it years from now. It’s hard to know for sure.

Have you used any applications that rely on AES encryption? How about virtual private networks? Are you confused by anything, from symmetric block cipher algorithm to secure data exchange? Tell us what you think in the comments below and we will be happy to engage with you. Keep reading our blog for more educational posts like this one. 


FAQ: AES Online Encryption

Leave a Reply

Your email address will not be published. Required fields are marked *