Advanced Encryption Standard

Standard for the encryption of electronic data / From Wikipedia, the free encyclopedia

Dear Wikiwand AI, let's keep it short by simply answering these key questions:

Can you list the top facts and stats about Advanced Encryption Standard?

Summarize this article for a 10 years old


The Advanced Encryption Standard (AES), also known by its original name Rijndael (Dutch pronunciation: [ˈrɛindaːl]),[5] is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.[6]

Quick facts: General, Designers, First published, Derived ...
Advanced Encryption Standard
Visualization of the AES round function
DesignersJoan Daemen, Vincent Rijmen
First published1998
Derived fromSquare
SuccessorsAnubis, Grand Cru, Kalyna
CertificationAES winner, CRYPTREC, NESSIE, NSA
Cipher detail
Key sizes128, 192 or 256 bits[note 1]
Block sizes128 bits[note 2]
StructureSubstitution–permutation network
Rounds10, 12 or 14 (depending on key size)
Best public cryptanalysis
Attacks have been published that are computationally faster than a full brute-force attack, though none as of 2013 are computationally feasible.[1]

For AES-128, the key can be recovered with a computational complexity of 2126.1 using the biclique attack. For biclique attacks on AES-192 and AES-256, the computational complexities of 2189.7 and 2254.4 respectively apply. Related-key attacks can break AES-256 and AES-192 with complexities 299.5 and 2176 in both time and data, respectively.[2]

Another attack was blogged[3] and released as a preprint[4] in 2009. This attack is against AES-256 that uses only two related keys and 239 time to recover the complete 256-bit key of a 9-round version, or 245 time for a 10-round version with a stronger type of related subkey attack, or 270 time for an 11-round version.

AES is a variant of the Rijndael block cipher[5] developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, who submitted a proposal[7] to NIST during the AES selection process.[8] Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.

AES has been adopted by the U.S. government. It supersedes the Data Encryption Standard (DES),[9] which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data.

In the United States, AES was announced by the NIST as U.S. FIPS PUB 197 (FIPS 197) on November 26, 2001.[6] This announcement followed a five-year standardization process in which fifteen competing designs were presented and evaluated, before the Rijndael cipher was selected as the most suitable.[note 3]

AES is included in the ISO/IEC 18033-3 standard. AES became effective as a U.S. federal government standard on May 26, 2002, after approval by the U.S. Secretary of Commerce. AES is available in many different encryption packages, and is the first (and only) publicly accessible cipher approved by the U.S. National Security Agency (NSA) for top secret information when used in an NSA approved cryptographic module.[note 4]