What are the defining parameters of AES (Advanced Encryption Standard)?
A symmetric block cipher with a 128-bit block size and a 128, 192, or 256-bit key, encrypting in multiple rounds. Longer key → more rounds → higher security.
| Variant | Key size | Number of rounds | Brute-force complexity |
|---|---|---|---|
| AES-128 | 128 bits | 10 | 2¹²⁸ (still infeasible for any foreseeable computer) |
| AES-192 | 192 bits | 12 | 2¹⁹² |
| AES-256 | 256 bits | 14 | 2²⁵⁶ (post-quantum margin) |
Block size is always 128 bits, regardless of key length. That's a key/block distinction people sometimes confuse.
History:
- Standardised by NIST in 2001 after a 4-year open competition (the Rijndael algorithm by Belgian cryptographers Joan Daemen and Vincent Rijmen won).
- The successor to DES (56-bit key — brute-forced in 1998 by EFF's "Deep Crack" in 22 hours).
- Modern CPUs have hardware support (Intel AES-NI instructions, ARM Crypto Extension) — symmetric encryption is essentially free in 2024.
Why "longer key = higher security": doubling the key length squares the brute-force search space. AES-128 needs 2¹²⁸ operations to brute-force, AES-256 needs 2²⁵⁶ — that's not "twice as hard", it's "2¹²⁸ times harder."
Tip: AES-128 is enough for almost all practical purposes. AES-256 is used when you want a margin against future advances (quantum computers reduce brute-force complexity by half — Grover's algorithm). Choose AES-256 for long-term-confidential data, AES-128 for session traffic.