AES implementations explained

There are various implementations of the Advanced Encryption Standard, also known as Rijndael.

Libraries

Rijndael is free for any use public or private, commercial or non-commercial.[1] The authors of Rijndael used to provide a homepage[2] for the algorithm. Care should be taken when implementing AES in software, in particular around side-channel attacks.

The algorithm operates on plaintext blocks of 16 bytes. Encryption of shorter blocks is possible only by padding the source bytes, usually with null bytes. This can be accomplished via several methods, the simplest of which assumes that the final byte of the cipher identifies the number of null bytes of padding added.

Implementation Considerations

The mode of operation of the cipher must be chosen carefully. The simplest mode, called electronic code book (ECB), encrypts and decrypts each 128-bit block separately. In this mode, blocks that are identical will be encrypted identically, which makes some of the plaintext structure visible in the ciphertext; this is entirely insecure. Selecting other modes, such as using a sequential counter over the block prior to encryption (i.e., CTR mode) and removing it after decryption, avoids this problem.

Another mode, Cipher Block Chaining (CBC), is one of the most commonly used modes of AES due to its use in TLS. CBC uses a random initialization vector (IV) to ensure that distinct ciphertexts are produced even when the same plaintext is encoded multiple times. The IV can be transmitted in the clear without jeopardizing security. A common practice is to prepend the 16-byte IV to the ciphertext, which gives the decrypter easy access to the IV. Care must be taken to use a new IV for every encryption operation, since otherwise an attacker can recover plaintext.
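The ECB and CBC behaviour described above, as an added Go example built on the standard library only (it is not code from any library listed on this page). The key, the plaintext and the helper names `ecbEncrypt`, `cbcEncrypt`, `cbcDecrypt` and `demo` are constructed for illustration, and the plaintext is assumed to be block-aligned, so padding is left out.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// ecbEncrypt encrypts each 16-byte block on its own (comparison only; insecure).
func ecbEncrypt(b cipher.Block, pt []byte) []byte {
	ct := make([]byte, len(pt))
	for i := 0; i < len(pt); i += aes.BlockSize {
		b.Encrypt(ct[i:i+aes.BlockSize], pt[i:i+aes.BlockSize])
	}
	return ct
}

// cbcEncrypt draws a fresh random IV for every call and returns IV || ciphertext.
func cbcEncrypt(b cipher.Block, pt []byte) []byte {
	out := make([]byte, aes.BlockSize+len(pt))
	if _, err := rand.Read(out[:aes.BlockSize]); err != nil {
		panic(err) // without randomness there is no safe IV
	}
	cipher.NewCBCEncrypter(b, out[:aes.BlockSize]).CryptBlocks(out[aes.BlockSize:], pt)
	return out
}

// cbcDecrypt reads the IV from the first 16 bytes of msg and decrypts the rest.
func cbcDecrypt(b cipher.Block, msg []byte) []byte {
	if len(msg) < 2*aes.BlockSize || len(msg)%aes.BlockSize != 0 {
		return nil // truncated or misaligned input
	}
	pt := make([]byte, len(msg)-aes.BlockSize)
	cipher.NewCBCDecrypter(b, msg[:aes.BlockSize]).CryptBlocks(pt, msg[aes.BlockSize:])
	return pt
}

// demo runs both modes over two identical blocks (key and plaintext are constructed).
func demo() (ecbRepeats, cbcRepeats, cbcDeterministic, roundTrip bool) {
	b, _ := aes.NewCipher([]byte("constructed-key!")) // 16 bytes: AES-128
	pt := bytes.Repeat([]byte("sixteen byte blk"), 2)
	e, c1, c2 := ecbEncrypt(b, pt), cbcEncrypt(b, pt), cbcEncrypt(b, pt)
	return bytes.Equal(e[:16], e[16:]), bytes.Equal(c1[16:32], c1[32:]),
		bytes.Equal(c1, c2), bytes.Equal(cbcDecrypt(b, c1), pt)
}

func main() { fmt.Println(demo()) } // true false false true
```

CBC as shown gives confidentiality only; the receiver has no way to detect a modified ciphertext unless a MAC or an authenticated mode is added.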

C/ASM library

C++ library

C/CUDA library

C# /.NET

Delphi

Go

Java

Python

JavaScript

Rust

LabVIEW

Zig

Applications

Archive and compression tools

File encryption

Encrypting file systems

Disk / partition encryption

Storage encryption

Security for communications in local area networks

Miscellaneous

Hardware

Notes and References

  1. http://csrc.nist.gov/archive/aes/rijndael/rijndael-ip.pdf Letter Submitted by creators Daemen and Rijndael
  2. https://web.archive.org/web/20050830051506/http://www.esat.kuleuven.ac.be/~rijmen/rijndael/ Original homepage
  3. Web site: Microsoft AES Cryptographic Provider. 9 July 2021.
  4. Web site: System Administration Guide: Security Services, Chapter 13 Solaris Cryptographic Framework (Overview). September 2010. Oracle. 2012-11-27.
  5. Web site: Untitled 1.
  6. Web site: Get Backup Pro is a solid backup utility for Macs. Engadget. 25 October 2014. 2016-04-26.
  7. https://lastpass.com/how-it-works/ AES 256-bit encryption with routinely-increased PBKDF2 iterations
  8. https://www.fourmilab.ch/javascrypt/
  9. https://github.com/mi55ing/PyEyeCrypt PyEyeCrypt at github