What is the AES Algorithm?

When speaking of computer security, the term algorithm is used differently than in mathematics, for example, where it refers to a systematic methodology for problem solving in a particular context. In computer security, it refers to a cryptographic algorithm, which is a sequence of procedures or rules to follow in encrypting messages. Algorithms can be simpler or more complex, and those that are more complex are more difficult to crack. AES stands for Advanced Encryption Standard, and the AES algorithm is another name for the Rijndael algorithm, which was chosen for use in the AES standard.

The Rijndael algorithm was chosen in an international competition to be included in AES. When the time came to think about replacing the Data Encryption Standard (DES) — which only had a 55-bit key length and was thought to be slow and place heavy demands on processors — the National Institute of Standards and Technology (NIST) invited cryptographers to come up with an advanced algorithm on which to base AES, i.e., to develop the AES algorithm. The invitation was made in 1997, and the 21 submissions developed by teams from 11 countries were considered. In 2000, the Rijndael algorithm was chosen to be the AES algorithm, which is why AES is sometimes referred to as AES algorithm (Rijndael).

Rijndael — variously pronounced as /RAIN dahl/ or /RINE dahl/ — was named by combining parts of the names of the two developers, Joan Daemen and Vincent Rijmen. The algorithm was based on an earlier algorithm they had developed together called Square. The new AES algorithm is a block algorithm, with data processed in 128-bit blocks. But while keys for DES were only 56 bits, those for Rijndael could be 128, 192, or 256 bits. Nevertheless, there have been some concerns about how secure the new algorithm is, and there are ongoing attempts to crack it.

The AES algorithm was chosen by the United States Government for unclassified, sensitive documents in 2000. In 2003, AES was adopted by the New European Schemes for Signatures, Integrity, and Encryption (NESSIE) consortium. Also in 2003, the National Security Agency (NSA) decided to use AES’s highest bit keys for top secret documents. The Internet Key Exchange (IKE) also uses the AES algorithm to transmit the secret key to the recipient for decryption of the message. AES is also used in Internet Protocol Security (IPSec), a security protocol for authentication and encryption on the web.