How does the AES 256 encryption work?

220 viewsOtherTechnology

I’ve heard AES256 is the best encryption system but how does it work.

I know how basic encryption work.

In: Technology

4 Answers

Anonymous 0 Comments

I don’t know if there’s any ELI5 that can adequately explain AES in reality, but I might be able to cover some of the surrounding concepts of a block cipher, which AES is one of. I know you said you understand basic encryption, but I will try to write it slightly more generically for a wider audience.

Let’s say you have a message that you want to encrypt. You and the recipient have shared a secret password you want to use in advance. That password is our cipher key. With a block cipher, you generate an array of all zeroes of a predetermined fixed size in memory, and then you start loading information into it from the message. If the block gets full, you add another block to put in more of the message. You keep doing that until you have exactly enough blocks to contain the message.

The key is then used with a series of really difficult to simplify mathematical operations designed specifically to operate on the whole block at a time. AES is a symmetric cipher, which means that if instead of loading that block with the original message, you loaded the block with the same portion of the ciphered message, the output would be the original instead.

The algorithm for AES proceeds to do this again for each block, until all blocks are encrypted/decrypted. Because of the block-wise nature, the ciphered message is always an exact number of blocks in length, rather than being the exact length of the message input, which actually helps (mildly) obscure the real message even further.

I mentioned loading the block with all zeroes to start, but that’s actually not usually true. The block values are loaded via something known as an Initialization Vector (IV), which by convention starts with all zeroes for at least the first block (though it can technically be started with other values in some configurations). When the message is loaded in, it’s actually exclusive-or’d (XOR) with the values already initialized. However AES supports an operation called Cipher Block Chaining (CBC) and usually uses it by default, where the output of one block can be used to deterministically generate the IV to the next block, increasing its randomness and making successful decryption of one block dependent on the successful decryption of the prior block.

The advantage of CBC is a drastic increase in the security of the message, and a potential complete loss of decryption for any part of a message after any block that is missing. The disadvantage is that, because of the sequential nature of chaining the blocks together, you can’t effectively parallelize the encryption ~~or decryption~~, decreasing speed. (Edit: as u/spikecurtis points out, this only affects the encryption speed. I got ahead of myself there.)

Edit 2: Why is it that so many commenters in ELI***5*** treat it as “ELI25 and in a Master’s course on this topic but struggling a bit”? If the level of detail you’re delving into is not relevant to explaining at the ***lay*** level, it shouldn’t be here.

You are viewing 1 out of 4 answers, click here to view all answers.