# AES ## Introduction The Advanced Encryption Standard most known as AES is one of the most used ciphers nowadays.\ Created by Vinent Rijmen and Joan Daemen under the name *Rijndael,* it won the NIST competition that resulted in its standardization in 2001 to replace older algorithms such as DES (and its variant 3DES). In fact, it is six times faster than 3DES. AES encrypts a block of 16 bytes only at a time, though ciphertexts tend to be much longer. To accomodate this, cipherexts are cut in blocks of 16 bytes using an operating mode \[see future section on mode]. We only focus on the encryption of a single block. The array of 16 bytes$$(p\_0,\ldots,p\_{15})$$are arranged from up to bottom, column by column in$$4 \times 4$$matrix. During the encryption, the state of this matrix changes and results in a 16-bytes ciphertext$$(c\_0,\ldots,c\_{15})$$whose output can be read following the same ordering: ![AES encryption.](/files/-MZYSp1aX-ledqcbAGFo) A key is involved and three sizes are possible: 128, 192, or 256 bits. Depending of the size, there are a few differences which will be explained later. For now, it is sufficient to know that round keys are derived from this master key. Our interest is to look at what goes inside the transformation between the plaintext and the ciphertext. Basically, there are **four** operations on the state matrix, each important for the security of AES: * `AK`: add round key; * `SR`: shift row; * `SB`: substitution box; * `MC`: MixColumn. All these operations are executed a several number of times in what are called *rounds* to mix the plaintext enough. A look on the flow of an encryption is given in the figure below. ![Rounds of AES.](/files/-MZYTD_jYFMTt6dLLsJW) Two particular cases can be noticed: * the first round is preceded by an additional `AK`; * last round is missing `MC`. The number of rounds `NR` is different depending on the master key length: | Key length | Number of rounds | | ---------- | ---------------- | | 128 | 10 | | 192 | 12 | | 256 | 14 | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://cryptohack.gitbook.io/cryptobook/symmetric-cryptography/aes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.