AES Encryption Standard - IPsec VPN Tutorial Guide
AES (Advanced Encryption Standard)
AES is a strong encryption algorithm used in symmetric key cryptography. The algorithm chosen for the Advanced Encryption Standard label was the Rijndael algorithm. AES / Rijndael supports key lengths of 128, 192, and 256 bits. The longer the key, the stronger the encryption and the more difficult it is to break. However, using a 256-bit key to protect and encrypt data also requires more processing power and takes longer to process.
Depending on the key length and block size, AES performs a number of rounds of computation, as detailed below:
- With a block and key size of 128 bits, there are 10 computation rounds.
- With a block and key size of 192 bits, there are 12 computation rounds.
- With a block and key size of 256 bits, there are 14 computation rounds.
AES became the replacement for 3DES and DES. DES in particular was found to be weak and breakable. AES is a popular encryption standard approved by the government and supported by all VPN vendors.
AES is also used today to protect removable media such as USB drives and external hard drives. It is effective in both hardware and software and uses less memory than most other symmetric algorithms. Simply put, you can protect the data on your USB memory stick using encryption software running the AES algorithm. If an encrypted USB stick were stolen and fell into the wrong hands, the data would remain protected and unreadable.
As well as AES, some other common symmetric encryption algorithms are DES, 3DES, Blowfish, Twofish, IDEA, CAST, SAFER, Skipjack and RC.