Understanding AES-256 Encryption

In 2003, the U.S. Government announced that AES could be used to protect classified information. It soon became the default encryption algorithm for protecting classified information, as well as the first publicly accessible and open cipher approved by the National Security Agency (NSA) for top-secret information. The most common iteration is now the 256-bit version of this encryption algorithm, AES-256.

AES-256 encryption is the mathematical equivalent of 2^256 key possibilities. That means the key (the thing that turns encrypted data into unencrypted data) is a string of 256 ones or zeros, with each position having two possible values, resulting in 2^256 key possibilities.

The strength of encryption is generally expressed in the length of the numeric "key" used to scramble and unscramble messages. The DES system used a key 56 bits long, enough to require any code-cracking computer to try so many combinations that the number expressing it is 7,200 followed by 14 zeros.

As computers have become more powerful, cracking DES has become easier. With Rijndael, a brute-force decryption attempt would require as many combinations as 1,100 followed by 75 zeros, or about 149 trillion years to decrypt.

If all the supercomputers in the world (the ultimate brute-force attack) grouped up and tasked themselves with finding your AES-256 key so they could access your data, the math makes the attack almost impossible. If each of these supercomputers could check approximately one quadrillion keys per second, one billion of them working together would require millions of years to look at less than .01% of the key possibilities.
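The scenario above can be worked through with exact integer arithmetic. The following is an added example, not part of the original post: it takes the post's figures (one billion machines, one quadrillion keys per second each) and compares how far that fleet gets against different key lengths. The function names and the 365.25-day year are assumptions made for the illustration.

```python
from fractions import Fraction

SECONDS_PER_YEAR = 31_557_600  # assumption: 365.25 days * 86,400 s

# Figures taken from the paragraph above.
MACHINES = 10**9                  # one billion supercomputers
KEYS_PER_SECOND_EACH = 10**15     # one quadrillion keys per second each
FLEET_RATE = MACHINES * KEYS_PER_SECOND_EACH  # 10**24 keys per second

def keyspace(key_bits):
    """Number of distinct keys for a key of key_bits bits."""
    return 2 ** key_bits

def years_to_search(key_bits, fraction=Fraction(1), rate=FLEET_RATE):
    """Years needed to test the given fraction of the key space."""
    keys = keyspace(key_bits) * Fraction(fraction)
    return keys / (rate * SECONDS_PER_YEAR)

def fraction_searched(key_bits, years, rate=FLEET_RATE):
    """Fraction of the key space covered after `years`, capped at 1."""
    tested = Fraction(rate * SECONDS_PER_YEAR) * years
    return min(Fraction(1), tested / keyspace(key_bits))

def report():
    """One row per cipher: average search time and coverage after 1e6 years."""
    rows = []
    for name, bits in [("DES", 56), ("AES-128", 128),
                       ("AES-192", 192), ("AES-256", 256)]:
        # On average the key turns up after half the space has been tried.
        avg_years = years_to_search(bits, Fraction(1, 2))
        covered = fraction_searched(bits, 10**6)
        rows.append((name, bits, float(avg_years), float(covered)))
    return rows

if __name__ == "__main__":
    for name, bits, avg_years, covered in report():
        print(f"{name:8} {bits:3} bits  avg {avg_years:.3e} years  "
              f"after 1e6 years: {covered:.3e} of key space")
```

Each added key bit doubles the work, which is why the same fleet that exhausts a 56-bit key space in a fraction of a second makes no measurable progress against a 256-bit one.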
