
AES Vs RSA

The document compares and contrasts the AES and RSA encryption algorithms. AES is a symmetric algorithm that encrypts data blocks of 128 bits using a secret key of 128, 192, or 256 bits. It is faster than RSA but can only encrypt large amounts of data. RSA is an asymmetric algorithm that uses public/private key pairs, with the public key used to encrypt and the private key used to decrypt. It is slower than AES but allows for key exchange and digital signatures.

Uploaded by

Shame Bope

RSA algorithm is an asymmetric cryptography algorithm. Asymmetric means that it works on two different
keys, i.e. a Public Key and a Private Key. As the names suggest, the Public Key is given to everyone and
the Private Key is kept private.

An example of asymmetric cryptography : 

1. A client (for example browser) sends its public key to the server and requests some data.

2. The server encrypts the data using the client’s public key and sends the encrypted data.

3. The client receives this data and decrypts it.

Since this is asymmetric, nobody else except the browser can decrypt the data even if a third party has
the public key of the browser.

The idea! The idea of RSA is based on the fact that it is difficult to factorize a large integer. The public
key consists of two numbers, one of which is the product of two large prime numbers. The private key is
also derived from the same two prime numbers, so if somebody can factorize the large number, the
private key is compromised. Therefore the encryption strength lies entirely in the key size, and if we
double or triple the key size, the strength of encryption increases exponentially. RSA keys are typically
1024 or 2048 bits long; experts believe that 1024-bit keys could be broken in the near future, but so far
it seems to be an infeasible task.

Advanced Encryption Standard (AES)

Last Updated : 11 Feb, 2022

Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established
by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES is widely used today as it is
much stronger than DES and triple DES, despite being harder to implement.

Points to remember

• AES is a block cipher.

• The key size can be 128/192/256 bits.

• Encrypts data in blocks of 128 bits each.


That means it takes 128 bits as input and produces 128 bits of ciphertext as output. AES relies on the
substitution-permutation network principle, which means it is performed using a series of linked
operations that involve replacing and shuffling the input data.

Working of the cipher :


AES performs operations on bytes of data rather than in bits. Since the block size is 128 bits, the cipher
processes 128 bits (or 16 bytes) of the input data at a time.

The number of rounds depends on the key length as follows :

• 128 bit key – 10 rounds

• 192 bit key – 12 rounds

• 256 bit key – 14 rounds

Creation of Round keys :


A Key Schedule algorithm is used to calculate all the round keys from the key. So the initial key is used to
create many different round keys which will be used in the corresponding round of the encryption.

Encryption :
AES considers each block as a 16 byte (4 bytes x 4 bytes = 128 bits) grid in a column major arrangement.

| b0 | b4 | b8  | b12 |
| b1 | b5 | b9  | b13 |
| b2 | b6 | b10 | b14 |
| b3 | b7 | b11 | b15 |

Each round comprises 4 steps :

• SubBytes

• ShiftRows

• MixColumns

• Add Round Key

The last round doesn’t have the MixColumns step.

The SubBytes does the substitution and ShiftRows and MixColumns performs the permutation in the
algorithm.

SubBytes :
This step implements the substitution.

In this step each byte is substituted by another byte. It is performed using a lookup table, also called the
S-box. This substitution is done in a way that a byte is never substituted by itself and also not substituted
by another byte which is a complement of the current byte. The result of this step is a 16 byte (4 x 4)
matrix like before.

The next two steps implement the permutation.

ShiftRows :
This step is just as it sounds. Each row is shifted a particular number of times.

• The first row is not shifted.

• The second row is shifted once to the left.

• The third row is shifted twice to the left.

• The fourth row is shifted thrice to the left.

(A left circular shift is performed.)

| b0  | b1  | b2  | b3  |      | b0  | b1  | b2  | b3  |
| b4  | b5  | b6  | b7  |  ->  | b5  | b6  | b7  | b4  |
| b8  | b9  | b10 | b11 |      | b10 | b11 | b8  | b9  |
| b12 | b13 | b14 | b15 |      | b15 | b12 | b13 | b14 |


MixColumns :
This step is basically a matrix multiplication. Each column is multiplied with a specific matrix and thus the
position of each byte in the column is changed as a result.

This step is skipped in the last round.

[ c0 ]   [ 2 3 1 1 ] [ b0 ]
| c1 | = | 1 2 3 1 | | b1 |
| c2 |   | 1 1 2 3 | | b2 |
[ c3 ]   [ 3 1 1 2 ] [ b3 ]

Add Round Keys :


Now the resultant output of the previous stage is XOR-ed with the corresponding round key. Here, the
16 bytes is not considered as a grid but just as 128 bits of data.

After all these rounds 128 bits of encrypted data is given back as output. This process is repeated until
all the data to be encrypted undergoes this process.
Decryption :
The stages in the rounds can be easily undone, as each stage has an opposite which, when performed,
reverts the changes. Each 128-bit block goes through the 10, 12 or 14 rounds depending on the
key size.

The stages of each round in decryption are as follows :

• Add round key

• Inverse MixColumns

• ShiftRows

• Inverse SubByte

The decryption process is the encryption process done in reverse, so I will explain the steps with notable
differences.

Inverse MixColumns :
This step is similar to the MixColumns step in encryption, but differs in the matrix used to carry out the
operation.

[ b0 ]   [ 14 11 13  9 ] [ c0 ]
| b1 | = |  9 14 11 13 | | c1 |
| b2 |   | 13  9 14 11 | | c2 |
[ b3 ]   [ 11 13  9 14 ] [ c3 ]

Inverse SubBytes :
The inverse S-box is used as a lookup table to substitute the bytes during decryption.
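The ShiftRows, MixColumns and Inverse MixColumns steps described above, as an added Python example (not code from the original page). The function names are this example's own; it assumes the column-major state layout and the two matrices shown above, with the matrix products computed in the finite field GF(2^8) that AES uses, so every output byte of a column depends on all four input bytes.

```python
# Added illustration: ShiftRows, MixColumns and Inverse MixColumns on one AES block.
# Function names are this example's own; the two matrices are the ones shown above.

MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]


def xtime(a):
    """Multiply a byte by 2 in GF(2^8), reducing by the AES polynomial 0x11B."""
    a <<= 1
    if a & 0x100:
        a ^= 0x11B
    return a


def gmul(a, b):
    """Multiply two bytes in GF(2^8): shift-and-add, where 'add' is XOR."""
    product = 0
    while b:
        if b & 1:
            product ^= a
        a = xtime(a)
        b >>= 1
    return product


def mul_column(matrix, column):
    """Matrix times one 4-byte column; additions are XOR, products use gmul."""
    out = []
    for row in matrix:
        acc = 0
        for coeff, byte in zip(row, column):
            acc ^= gmul(coeff, byte)
        out.append(acc)
    return out


def bytes_to_state(block):
    """16 bytes -> 4 rows, column-major: byte i lands in row i % 4, column i // 4."""
    if len(block) != 16:
        raise ValueError("AES works on 16-byte blocks")
    return [[block[r + 4 * c] for c in range(4)] for r in range(4)]


def state_to_bytes(state):
    """Read the grid back column by column."""
    return bytes(state[r][c] for c in range(4) for r in range(4))


def shift_rows(state):
    """Row r is rotated left by r positions (row 0 is untouched)."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]


def inv_shift_rows(state):
    """Row r is rotated right by r positions, undoing shift_rows."""
    return [row[-r:] + row[:-r] for r, row in enumerate(state)]


def mix_columns(state, matrix=MIX):
    """Apply the matrix to each of the four columns; pass INV_MIX to undo it."""
    cols = [mul_column(matrix, [state[r][c] for r in range(4)]) for c in range(4)]
    return [[cols[c][r] for c in range(4)] for r in range(4)]


def demo():
    """Constructed sample block 00 01 .. 0f: shift, mix, then undo both steps."""
    state = bytes_to_state(bytes(range(16)))
    shifted = shift_rows(state)
    mixed = mix_columns(shifted)
    restored = inv_shift_rows(mix_columns(mixed, INV_MIX))
    return state_to_bytes(shifted), state_to_bytes(mixed), state_to_bytes(restored)


if __name__ == "__main__":
    for label, value in zip(("ShiftRows", "MixColumns", "restored"), demo()):
        print(f"{label:11s}{value.hex()}")
```

SubBytes and Add Round Key are left out here, so this is not a usable cipher; it only shows that the two permutation steps are exactly invertible.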

Summary :
The AES instruction set is now integrated into the CPU (offering throughput of several GB/s) to improve
the speed and security of applications that use AES for encryption and decryption. Even though it's been
20 years since its introduction, we have failed to break the AES algorithm, as it is infeasible even with
current technology. To date the only vulnerability remains in the implementation of the algorithm.

AES vs. RSA Encryption: What Are the Differences?

One thing that’s become abundantly clear in the internet age is that preventing unauthorized people
from gaining access to the data stored in web-enabled computer systems is extremely difficult. All it
takes is for a worker to click on the wrong link in an email, or respond unwarily to a seemingly legitimate
request for information, and an intruder could gain complete access to all your data. In today’s
regulatory and public relations environments, that kind of breach can be catastrophic.
But what if you could be assured that even if an attacker got access to your information, they couldn’t
use it? That’s the role of data encryption.

How encryption works

The basic idea of encryption is to convert data into a form in which the original meaning is masked, and
only those who are properly authorized can decipher it. This is done by scrambling the information using
mathematical functions based on a number called a key. An inverse process, using the same or a
different key, is used to unscramble (or decrypt) the information. If the same key is used for both
encryption and decryption, the process is said to be symmetric. If different keys are used the process is
defined as asymmetric.

Two of the most widely used encryption algorithms today are AES and RSA. Both are highly effective and
secure, but they are typically used in different ways. Let’s take a look at how they compare.

AES encryption

AES (Advanced Encryption Standard) has become the encryption algorithm of choice for governments,
financial institutions, and security-conscious enterprises around the world. The U.S. National Security
Agency (NSA) uses it to protect the country’s “top secret” information.

The AES algorithm successively applies a series of mathematical transformations to each 128-bit block of
data. Because the computational requirements of this approach are low, AES can be used with
consumer computing devices such as laptops and smartphones, as well as for quickly encrypting large
amounts of data. For example, the IBM z14 mainframe series uses AES to enable pervasive encryption in
which all the data in the entire system, whether at rest or in transit, is encrypted.

AES is a symmetric algorithm which uses the same 128, 192, or 256 bit key for both encryption and
decryption (the security of an AES system increases exponentially with key length). With even a 128-bit
key, the task of cracking AES by checking each of the 2^128 possible key values (a “brute force” attack) is so
computationally intensive that even the fastest supercomputer would require, on average, more than
100 trillion years to do it. In fact, AES has never been cracked, and based on current technological
trends, is expected to remain secure for years to come.

RSA encryption

RSA is named for the MIT scientists (Rivest, Shamir, and Adleman) who first described it in 1977. It is an
asymmetric algorithm that uses a publicly known key for encryption, but requires a different key, known
only to the intended recipient, for decryption. In this system, appropriately called public key
cryptography (PKC), the public key is the product of multiplying two huge prime numbers together. Only
that product, 1024, 2048, or 4096 bits in length, is made public. But RSA decryption requires knowledge
of the two prime factors of that product. Because there is no known method of calculating the prime
factors of such large numbers, only the creator of the public key can also generate the private key
required for decryption.

RSA is more computationally intensive than AES, and much slower. It’s normally used to encrypt only
small amounts of data.

How AES and RSA work together


A major issue with AES is that, as a symmetric algorithm, it requires that both the encryptor and the
decryptor use the same key. This gives rise to a crucial key management issue – how can that all-
important secret key be distributed to perhaps hundreds of recipients around the world without running
a huge risk of it being carelessly or deliberately compromised somewhere along the way? The answer is
to combine the strengths of AES and RSA encryption.

In many modern communication environments, including the internet, the bulk of the data exchanged is
encrypted by the speedy AES algorithm. To get the secret key required to decrypt that data, authorized
recipients publish a public key while retaining an associated private key that only they know. The sender
then uses that public key and RSA to encrypt and transmit to each recipient their own secret AES key,
which can be used to decrypt the data.

Understanding AES and RSA Encryption Algorithms

July 30, 2021

Encryption is a way of enciphering data especially when it’s in transit to prevent unauthorized personnel
from gaining access to it. Encryption is always done with the intent of allowing only the intended
recipient of a piece of data to have access to the data.

Maintaining the integrity, confidentiality, and availability of data and information is key in data
communication and this is where data encryption comes in handy.

Table of contents

1. Prerequisites

2. What is an encryption algorithm?

3. Getting started with the AES encryption algorithm

4. Functionality of the AES algorithm

5. Getting started with the RSA encryption algorithm

6. RSA algorithm functionality

7. Conclusion

Prerequisites

For a reader to understand this article, they should have the following prior knowledge:

• A basic understanding of the concept of data encryption and the need for encryption in data
communication.

• A beginner’s understanding of data cryptography.


What is an encryption algorithm?

An encryption algorithm is a set of rules used to transform data into ciphertext using an encryption key.
This will make the data appear to be completely different from the initial data and will seem random.

The cipher will then be transmitted safely to a recipient who will then go ahead and recover the initial
data through a process called decryption using a decryption key.

AES and RSA are both examples of algorithms used in data communication for data encryption.
AES is an acronym that stands for Advanced Encryption Standard, while RSA stands
for Rivest, Shamir, Adleman.

Getting started with the AES encryption algorithm

AES was initially referred to as Rijndael which is a Symmetric block cipher algorithm.

It was specifically developed for encrypting electronic data in the United States by the National
Institute of Standards and Technology. Ever since, AES has been used worldwide in encrypting
confidential data.

AES was developed as a replacement for the Data Encryption Standard after it started showing
vulnerabilities to brute-force attackers.

Functionality of the AES algorithm

The functionality of the AES algorithm might seem complex, but in a real sense it is really simple to
understand. The first step is knowing that AES has 3 block ciphers, namely:

• AES-128

As we already know, the encryption and decryption processes are done using a key. This block cipher
uses a key that is 128 bits long for encryption and decryption of a message and is the least secure of the
three blocks available.

Even though AES-128 has never been hacked, its resistance to brute-force attacks is worrying. Despite
the security issues seen in AES-128, it is very fast and comes with a lot of efficiency in data encryption.

• AES-192

AES-192 uses a key that is 192 bits long for the encryption and decryption of messages. It is more
resistant to brute-force attacks than AES-128 because it has a longer key, and is thereby more
secure. Despite this, AES-192 is not commonly used; people tend to lean towards AES-256.

• AES-256

AES-256 uses a key that is 256 bits long for the encryption and decryption of messages. This block is
more secure than AES-128 and AES-192 because of the length of the encryption
key.

The longer the encryption key, the more difficult the algorithm is to hack. AES-256 is therefore very
resistant to brute-force attacks when compared to the two previous blocks.

AES being a symmetric block cipher means that the key used in encryption and decryption is kept
secret and is only made known to the sender and the recipient of the message.

The key used when encrypting the message is usually the same key used to decrypt the message on the
receiving end. When encrypting using AES, a person can either use AES-128, AES-192, or even the AES-
256. During this encryption, some steps are followed to encrypt a message and these steps are done in
rounds.

Each round is made up of several steps of substitution, transposition, and mixing of the message into
ciphertext and also has a key called a round key.

Below is a simple diagrammatic representation flow of how AES encrypts data:

This illustrates that either of the 3 encryption keys is used to encrypt the message. The encryption
process occurs in the “cipher” and an encrypted message is produced in the “ciphertext”.

The encryption process has 10 rounds for a 128-bit long key, 12 rounds for a 192-bit long key, and 14
rounds for a 256-bit long key.

Below is a step by step explanation when encrypting data using the AES algorithm:

Step 1: Generation of round keys

This occurs through a process called key expansion where the original secret key is used to derive round
keys by use of Rijndael’s key schedule algorithm.

Step 2: Mixing of the message into ciphertext

This involves combining each round key that has been generated above with the plain message being
encrypted. This is done using the Additive XOR algorithm.

Step 3: Substituting the data received from step 2

This involves substituting the resultant data from step 2 in a substituting table.



Step 4: Shifting of rows

Shift all the bytes in the substitution table to the right.


Step 5: Mixing

An algorithm is used to mix the contents of each column.


The entire process is then repeated several times with each repeat being called a round and encrypted
with the round keys we generated in step 1.

Getting started with the RSA encryption algorithm

RSA was named after its first describers Rivest, Shamir, and Adleman. Rivest–Shamir–Adleman is an
asymmetric encryption algorithm used by modern computers in data encryption and decryption.

RSA uses two keys, one being the public key which is used for encryption and the private key used for
data decryption hence it being an asymmetric algorithm. The encryption key is always made public and
can be accessed by anyone while the decryption key is kept private.

This algorithm is based on the fact that finding factors of composite numbers is a difficult task.
Below is a simple diagrammatic representation flow of how RSA encrypts data:

RSA algorithm functionality

Below you will find a step by step list of instructions on how to achieve encryption using the RSA
algorithm:

Step 1: Generate the encryption and decryption keys

To generate the keys:

• Pick any two large prime numbers and keep them secret. For example, let’s pick the prime
numbers x and y.

• Evaluate z = xy, where z is the modulus of the two keys being generated.

• Evaluate the totient φ(z) = (x-1)(y-1).

• Pick any integer e such that 1 < e < φ(z); e is the public key exponent.

• Evaluate k and keep it as the private key exponent, where ke is
[congruent](https://en.wikipedia.org/wiki/Modular_arithmetic) to 1 modulo φ(z):

ke ≡ 1 (mod φ(z))

The public key is made of the modulus z and the exponent e, while the private key is made of x and y and
the private exponent k. The public key is made available to everyone, but the private key should only be
accessed by the recipient of the message.

Step 2: Encrypting the message using the generated encryption key

• Send the public key (z, e) generated above to the person who wants to send a message and keep
the private key.

• The message sender turns the message into a number G. The number G should be smaller
than z. This is done using an agreed-upon protocol commonly referred to as a padding scheme.

• The sender then computes the ciphertext of the message using the expression c = G^e mod z,
where c represents the ciphertext.

The receiver can decrypt the message using the expression G = c^k mod z according to the Chinese
remainder theorem.
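The two steps above carried through with the article's symbols (x, y, z, e, k, G, c), as an added Python example that is not part of the original article. The primes 61 and 53 and the message 65 are constructed toy values; the example assumes one extra condition, that e shares no factor with φ(z), because otherwise no k with ke ≡ 1 (mod φ(z)) exists. It also shows why the modulus must be large and why a padding scheme is needed.

```python
# Added illustration of the key generation and encryption steps above.
# Toy numbers only: real RSA moduli are 2048 bits or more and use a padding scheme.
from math import gcd


def make_keys(x, y, e):
    """Return ((z, e), (z, k)) from secret primes x, y and public exponent e."""
    z = x * y                      # modulus shared by both keys
    phi = (x - 1) * (y - 1)        # totient of z
    if not 1 < e < phi:
        raise ValueError("e must satisfy 1 < e < phi(z)")
    if gcd(e, phi) != 1:
        # Assumption made explicit here: without it the congruence has no solution.
        raise ValueError("e must share no factor with phi(z)")
    k = pow(e, -1, phi)            # modular inverse: k*e = 1 (mod phi(z)), Python 3.8+
    return (z, e), (z, k)


def encrypt(public, G):
    """c = G^e mod z; G must be a number smaller than z."""
    z, e = public
    if not 0 <= G < z:
        raise ValueError("G must be smaller than z")
    return pow(G, e, z)


def decrypt(private, c):
    """G = c^k mod z."""
    z, k = private
    return pow(c, k, z)


def smallest_factor(z):
    """Trial division; it finishes instantly only because this z is tiny."""
    f = 2
    while f * f <= z:
        if z % f == 0:
            return f
        f += 1
    return z


def private_exponent_from_factors(public):
    """Anyone who can factor z can redo key generation and obtain k."""
    z, e = public
    x = smallest_factor(z)
    y = z // x
    return pow(e, -1, (x - 1) * (y - 1))


if __name__ == "__main__":
    public, private = make_keys(61, 53, 17)       # constructed toy primes
    c = encrypt(public, 65)                       # constructed message number G
    print("public key (z, e):", public)
    print("private exponent k:", private[1])
    print("ciphertext c:", c, "-> decrypted G:", decrypt(private, c))
    # Without padding the same G always gives the same c, so equal messages are visible.
    print("deterministic:", encrypt(public, 65) == c)
    # With a 12-bit modulus the private exponent falls out of the public key alone.
    print("k recovered from z:", private_exponent_from_factors(public))
```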

Conclusion

Encryption is key in matters of information security. It is therefore vital to learn about the different
algorithms used in data encryption other than AES and RSA. This will help broaden your horizons as far
as data security is concerned.

Asymmetric? RSA or AES?

If you're looking to encrypt data to protect it, you might find there are different encryption methods and
encryption algorithms to pick from. From RSA to AES, your pick should be informed by context.

What is Data Encryption?

Data Encryption is a process that can be as easy as flipping on a switch if you know what you're looking
to achieve. Let's recap the basics of this data security asset. To encrypt data is to take a piece of
information, and translate it into another piece of unrecognizable information. This end product is called
a ciphertext.
To get a ciphertext, you run the information that is to be encrypted through an encryption algorithm.
This algorithm takes the original information and, based on randomized rules, transforms the
information into a new, undecipherable piece of data. Think of it as a 'translation'.

What the encryption algorithm does is create a new language, and hides sensitive data by transforming
it into this secret code, which you can only decrypt and turn back to plaintext if you know the rules, or
what's called a key. The key represents the mathematical steps the algorithm took to convert your text
from "Hello World" into "XJtg920kl#aJFJ"%*¨*FK". Without it, you can't decrypt the data, and thus it is
protected from unauthorized access.

Types of Encryption Systems

There are many different types of encryption algorithms and methods to pick from, so how do you know
which one is the safest pick for your cybersecurity needs? Let’s begin with the most basic
distinction: symmetric vs asymmetric encryption.

Symmetric Encryption

In symmetric encryption, there is only one key, and all parties involved use the same key to encrypt and
decrypt information. By using a single key, the process is straightforward, as per the following example:
you encrypt an email with a unique key, send that email to your friend Tom, and he will use the same
symmetric key to unlock/decrypt the email.

WHAT IS A SYMMETRIC KEY?

A symmetric key is one that may be used to encrypt and decode data. This implies that in order to
decrypt information, the same key that was used to encrypt it must be utilized. In practice, the keys
represent a shared secret shared by two or more people that may be utilized to maintain a confidential
information link.
The perks of symmetric encryption are its faster performance and low resource consumption, but it is
inherently older and less secure than its counterpart. The reason is simple: if you scale your encryption
to a company-wide scale, it means you’re putting all your trust into a single key you will need to share
around a lot.

USE OF SYMMETRIC ENCRYPTION

Symmetric encryption is great when working with sensitive data in bulk, or encryption tasks that intend
to permanently hide information without the need for decryption. For example, when you
activate BitLocker on a Windows computer to encrypt all hard drives. By unlocking the PC with his/her
passcode, the user will decrypt data without the risk of exposing its secret encryption key. Another
example is VPNs, which encrypt your network traffic with a local key and don’t have the need to share
that outside of your own use.

Asymmetric Encryption

Asymmetric encryption, on the other hand, was created to solve the inherent issue of symmetric
encryption: the need of sharing a single encryption key around that is used both for encrypting and
decrypting data.
WHAT IS AN ASYMMETRIC KEY?

Asymmetric keys are the cornerstone of Public Key Infrastructure (PKI), an encryption technique that
requires two keys, one to lock or encrypt the plaintext and another to unlock or decrypt the cyphertext.
Neither key performs both functions.

This newer and safer method utilizes two keys for its encryption process, the public key, used for
encryption, and the private key used for decryption. These keys are related, connected, and work in the
following way:

A public key is available for anyone who needs to encrypt a piece of information. This key doesn’t work
for the decryption process. A user needs to have a secondary key, the private key, to decrypt this
information. This way, the private key is only held by the actor who decrypts the information, without
sacrificing security as you scale security.

ASYMMETRIC ENCRYPTION USES

A good example is email encryption. With asymmetric encryption, anyone can use your public key to
send you an encrypted email that you only can decipher using your private key.

Naturally, asymmetric is a more advanced encryption standard and thus is slower and resource-
consuming. Due to this, it is usually utilized in smaller transactions, usually to establish safe
communication channels, or authenticating users.

Symmetric vs Asymmetric Encryption

Encryption types can be easily divided into these two categories. Symmetric encryption is single-key
encryption; asymmetric encryption is public-key encryption.

These are their most relevant differences:

• Symmetric encryption uses a unique key that must be shared between the people who need to
receive the message, while asymmetric encryption uses a pair of keys, a public key and a private
key, to encrypt and decrypt messages when they are communicated.

• Symmetric encryption is an old technique, while asymmetric encryption is relatively new.

• Asymmetric encryption was introduced to complement the inherent problem of key sharing in
the symmetric encryption model, by removing the need for key sharing through the use of a
public-private key pair.

• Asymmetric encryption takes relatively longer than symmetric encryption.

Common Symmetric Encryption Algorithms

AES Encryption or Advanced Encryption System

AES is one of the most common symmetric encryption algorithms used today, developed as a
replacement to the outdated DES (Data Encryption Standard), cracked by security researchers back in
2005. This new algorithm sought to solve its predecessor’s main weakness, a short encryption key length
vulnerable to brute force.

AES encrypts information in a single block (block cipher), and does so one block at a time in what is
called ’rounds’. Data is initially converted into blocks, and then these are encrypted with the key in
different rounds depending on key size: 14 rounds for 256-bits, 12 rounds for 192-bits, and 10 rounds
for 128-bits. The process involves a series of data manipulation and mixing steps that are done each
round: substitution, transposition, mixing, column mix, and sub bytes.

Blowfish and TwoFish

Blowfish was another symmetric successor to DES, designed as a block cipher like AES but with a key
length that goes from 32 bits to 448 bits. It was designed as a public tool, not licensed and free. This
initial version was upgraded to TwoFish, an advanced version of the latter, which utilizes a block size of
128-bits, extendable up to 256-bits.

The main difference with other encryption algorithms is that it utilizes 16 rounds of encryption,
independently of the key or data size.

The main reason why TwoFish is not considered the top symmetric algorithm is that AES gained
recognition and was quickly adopted as a standard by manufacturers, meaning it had the upper
technical edge.

3DES or Triple Data Encryption Standard

Finally, the direct successor to DES is 3DES, or Triple Des. This symmetric algorithm is an advanced form
of the deprecated DES algorithm that uses a 56-bit key to encrypt blocks of data. Its concept is simple: it
applies DES three times to each block of information, tripling the 56-bit key into a 168-bit one.

Due to applying the same process thrice, 3DES is slower than its more modern counterparts.
Furthermore, by using small blocks of data, the risk of decryption by brute force is higher.

Common Asymmetric Encryption Algorithms

RSA or Rivest–Shamir–Adleman
Considered a staple of asymmetric encryption. Designed by the engineers that gave it its name in 1977,
RSA uses the factorization of the product of two prime numbers to deliver encryption of 1024-bits and
up to 2048-bit key length. According to research conducted in 2010, you would need 1500 years
of computational power to crack its smaller 768-bit version!

However, this means that it is a slower encryption algorithm. Since it requires two different keys of
incredible length, the encryption and decryption process is slow, but the level of security it provides for
sensitive information is incomparable.

ECC or Elliptic Curve Cryptography

This method was originally pitched in 1985 by Neal Koblitz and Victor S. Miller, only to be implemented
years later in 2004. ECC uses a fairly difficult mathematical operation based on elliptic curves on a finite
field, in what is called the Elliptic-curve Diffie–Hellman.

With ECC you have a curve, defined by a math function, a starting point (A), and an ending point (Z) in
the curve. The key is that to get to Z, you have done a series of “hops”, or multiplications that resulted in
Z. This amount of hops is the private key.

Randomized calculations can result in any type of arrangement in the curve.

Even if you have the starting and ending point (public key), and the curve, it is nearly impossible to crack
the private key. This is because ECC is what is called a “trapdoor”, or a mathematical operation that is
easy and quick to complete, but extremely difficult to reverse.

ECC, or ECDH, is a mathematical formula of such strength that it can match the security of a 1024-bit
key system with a 164-bit key. In its highest setting, 512-bits, ECC can achieve a level of security
comparable to a 15360-bit RSA key!

To paint a picture, RSA 2048-bit keys are the banking standard, yet 521-bit ECC delivers the equivalent of
a 15360-bit RSA key.

Considering the aforementioned facts, ECC is considered the future of encryption. It’s asymmetric, yet it
is able to provide a security level of 256 bits at a maximum key length of 521 bits, which ensures fast
encryption speeds with a high complexity of decryption to ensure sensitive data stays safe.

ECC is also extremely attractive for mobile, where processing power is low and data transfers are high.

Which Data Encryption Algorithm is Best?


Well, that definitely depends. For some people, best could mean most popular. However, we could
answer what is the most popular encryption based on which one is used the most. Instead of saying
which one is the best or the most popular one, we will share a quick recap of all the algorithms and their
best qualities:

AES (Symmetric)

AES is one of the most frequently used algorithms. It is fast, with a variable key length option that gives
it extra security. It is ideal when handling large amounts of encrypted data.

TwoFish (Symmetric - previously BlowFish)

The main attraction of TwoFish is its flexibility in performance, giving you total control of the encryption
speed.

3DES (Symmetric)

Despite its slower speeds and generally outdated status when compared to AES, it is still widely utilized
in financial services to encrypt ATM PINs and UNIX passwords.

RSA (Asymmetric)

Since its speed isn’t convenient for processing large amounts of data, RSA encryption is mostly used in
digital signatures, email encryption, SSL/TLS certificates, and browsers.

ECC (Asymmetric)

The low-cost, low-impact, high-security combination makes it the ideal standard for protecting sensitive
mobiles and apps. It may likely be the algorithm of the future.

Difference between AES and DES ciphers

Last Updated : 16 Nov, 2022

AES and DES are both examples of symmetric block ciphers but have certain dissimilarities. 

 
| AES | DES |
|---|---|
| AES stands for Advanced Encryption Standard | DES stands for Data Encryption Standard |
| The date of creation is 1999. | The date of creation is 1976. |
| Byte-Oriented. | Bit-Oriented. |
| Key length can be 128-bits, 192-bits, and 256-bits. | The key length is 56 bits in DES. |
| Number of rounds depends on key length: 10(128-bits), 12(192-bits), or 14(256-bits) | DES involves 16 rounds of identical operations |
| The structure is based on a substitution-permutation network. | The structure is based on a Feistel network. |
| The design rationale for AES is open. | The design rationale for DES is closed. |
| The selection process for this is secret but accepted for open public comment. | The selection process for this is secret. |
| AES is more secure than the DES cipher and is the de facto world standard. | DES can be broken easily as it has known vulnerabilities. 3DES (Triple DES) is a variation of DES which is more secure than the usual DES. |
| The rounds in AES are: Byte Substitution, Shift Row, Mix Column and Key Addition | The rounds in DES are: Expansion, XOR operation with round key, Substitution and Permutation |
| AES can encrypt 128 bits of plaintext. | DES can encrypt 64 bits of plaintext. |
| AES cipher is derived from an aside-channel square cipher. | DES cipher is derived from Lucifer cipher. |
| AES was designed by Vincent Rijmen and Joan Daemen. | DES was designed by IBM. |
| No known crypt-analytical attacks against AES but side channel attacks against AES implementations possible. Biclique attacks have better complexity than brute force but still ineffective. | Known attacks against DES include Brute-force, Linear crypt-analysis, and Differential crypt-analysis. |
