Overview

Advanced Encryption Standard (AES) is a symmetric-key algorithm and block cipher. It was first published in 1998 and replaced DES in 2001. Today, it is the most frequently used method of data encryption. Notably, it is the first and only publicly accessible cipher approved by the U.S. National Security Agency (NSA) to be used to protect classified information up to the level TOP SECRET (for AES-192 or AES-256).

Usage

Key

AES expects a binary key consisting of 16, 24, or 32 bytes to use the AES-128, AES-192, or AES-256 algorithm respectively.

As a symmetric-key algorithm, the same exact key is used for both encryption and decryption. Only someone who knows the exact key that was used to encrypt a message can turn back the encrypted result to its original content, at least in theory.

Initialization Vector

The AES initialization vector (IV), also called starting variable, consists of 16 bytes and determines the starting point of the AES encryption process. It should be unique for each encryption. To successfully decrypt a previously AES encrypted message the same IV used during said encryption needs to be provided to the decryption process. Thus, both the key and the IV need to be kept after encryption.

The purpose of IVs is to introduce randomness into the encrypted data. When the IV is set to a fixed value the same key and input data would always result in the same encrypted data. An attacker could use this property to infer relationships between messages.

Values “Additional data” and “Tag”

The Tag and Additional data values will only be considered when the Galois/Counter Mode (GCM) is selected.

Implementation

The AES encryption operation relies on the JavaScript library forge providing a native implementation of TLS alongside with related cryptographic tools.

See also

Resources