AES Information

The Advanced Encryption Standard (AES), also known as Rijndael, is an encryption standard approved by the National Institute of Standards and Technology (NIST) following a five-year standardization process that involved several competing encryption algorithms. Today, it remains the recommended choice for securing information.

AES was published by NIST as FIPS PUB 197 in November 2001.

The AES encryption algorithm is a block cipher originally created by two Belgians named Joan Daemen and Vincent Rijmen. Since its adoption as a standard, AES has become one of the world's most popular symmetric-key encryption algorithms, meaning the same key is used for encryption and decryption.

For more information, you are invited to read the Wikipedia article on the Advanced Encryption Standard, which provides a very good technical overview.

AES Crypt Technical Details

We are frequently asked about technical aspects of AES Crypt. While the source code is fully published for review, we understand the complexity of the code does not necessarily make some technical aspects obvious.

AES Crypt uses AES with a 256-bit key, which is the longest key length available with AES, in Cipher Block Chaining (CBC) mode.

User passwords are transformed into a 256-bit key using a key-derivation function (KDF). The latest version of AES Crypt uses PBKDF2, which is a FIPS-recommended algorithm. Further, the PBKDF2 implementation uses HMAC-SHA-512 as the hashing function with 300,000 iterations. (With the command-line version, it is possible to set the number of iterations. The value may be safely reduced if one is using a lengthy random key. In general, though, it is best to not reduce this value, as a larger value requires an adversary to expend more time in an attempt to break the key.)

Encrypted data is protected using HMAC-SHA-256 as the message authentication function. This is used to detect that either the password is wrong or the file has been improperly modified or is corrupt.
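
The key derivation and integrity check described above, as an added Python sketch (not AES Crypt's own code and not its file format). The 16-byte salt, the UTF-8 password encoding, and keying the HMAC directly with the derived key are assumptions of this example, and the ciphertext bytes are constructed stand-ins for AES-CBC output.

```python
import hashlib
import hmac
import os

KDF_ITERATIONS = 300_000  # iteration count stated on this page
KEY_LEN = 32              # 256-bit key


def derive_key(password: str, salt: bytes, iterations: int = KDF_ITERATIONS) -> bytes:
    """PBKDF2 with HMAC-SHA-512, truncated to a 256-bit key."""
    # Assumption: the password is encoded as UTF-8 before derivation.
    return hashlib.pbkdf2_hmac(
        "sha512", password.encode("utf-8"), salt, iterations, dklen=KEY_LEN
    )


def seal(password: str, salt: bytes, ciphertext: bytes) -> bytes:
    """Compute an HMAC-SHA-256 tag over the ciphertext."""
    # Assumption: the HMAC is keyed directly with the derived key.
    key = derive_key(password, salt)
    return hmac.new(key, ciphertext, hashlib.sha256).digest()


def verify(password: str, salt: bytes, ciphertext: bytes, tag: bytes) -> bool:
    """Return True only if the password and the ciphertext both match the tag.

    A wrong password and a modified file fail in the same way: the
    recomputed tag differs, and the check cannot tell the two apart.
    """
    expected = seal(password, salt, ciphertext)
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(expected, tag)


if __name__ == "__main__":
    salt = os.urandom(16)              # assumed salt length
    ciphertext = os.urandom(48)        # constructed stand-in for AES-CBC output
    tag = seal("correct horse battery", salt, ciphertext)

    tampered = bytes([ciphertext[0] ^ 0x01]) + ciphertext[1:]
    print("correct password:", verify("correct horse battery", salt, ciphertext, tag))
    print("wrong password:  ", verify("incorrect horse", salt, ciphertext, tag))
    print("modified data:   ", verify("correct horse battery", salt, tampered, tag))
```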