What Is AES Encryption & Is It Really the Best in 2025?

Ana Jovanovic
Ana Jovanovic Editor
Updated on: December 16, 2024
Fact-checked by Kate Davidson
Ana Jovanovic Ana Jovanovic
Updated on: December 16, 2024 Editor
Fact-checked by Kate Davidson

AES encryption is one of the most trusted methods for protecting digital information. First adopted by the US government in 2001 after a strict selection process, the Advanced Encryption Standard has become a global benchmark for speed, reliability, and security in encryption.

This encryption is critical for keeping sensitive data safe from theft or tampering. It’s so secure that even the fastest supercomputers would need billions of years to break it with brute force. Because of its unmatched strength, AES is the backbone of cybersecurity for everything from online banking to government file protection.

AES encryption is implemented even in everyday products you might already be using. For instance, password managers like 1Password and virtual private networks (VPNs) like ExpressVPN use AES to keep your passwords, financial details, and private messages secure. Let’s explore what makes AES encryption so essential in today’s digital world.

Editors' Note: ExpressVPN and this site are in the same ownership group.

How Does AES Encryption Work?

AES encryption protects your data by transforming it into a scrambled format that’s unreadable without the correct key. It achieves this through a series of complex steps, each making the encrypted data harder to crack.

Here’s how AES works, step-by-step:

Step 1. Dividing data into blocks. AES processes data in 128-bit blocks. If the input data is larger, it’s split into multiple blocks of 128 bits each. If the last block is smaller than 128 bits, padding is applied to make it 128 bits.

How Does AES Encryption Work?

Step 2. Key expansion. The initial AES key (which can be 128, 192, or 256 bits long) is expanded into an array of key schedule words. These expanded keys are used in each round of the encryption process. In this example, let’s use “conservationists”.

Step 3. Adding round key. In the first round of AES encryption, the initial block of data is combined with the first round key using a Boolean algebra operation known as XOR. XOR stands for “Exclusive Or”. The output of this operation will be true only if the two input values differ.

How Does AES Encryption Work?

Step 4. Byte substitution. This step uses the Rijndael S-box (substitution box) to replace each byte of data with another byte based on a fixed lookup table.

How Does AES Encryption Work?

Step 5. Shifting rows. The rows of the data matrix are then shifted. The first row stays the same, the second row shifts by 1 position, the third by 2, and the fourth by 3.

How Does AES Encryption Work?

Step 6. Mixing columns. Each column of the data matrix is then mixed. This is done through a mathematical matrix multiplication inside a finite (Galois) field.

Step 7. Adding round key (again). After the data has been mixed, a round key is added to the data once more, through another XOR operation (just like in step 3). This round key is different from the initial one.

Step 8. Repeating the steps for additional rounds. For AES-128, this process (steps 4 through 7) repeats for 9 additional rounds, for AES-192 it repeats for additional 11 rounds, and for AES-256, it repeats for another 13 rounds. After the final round, there’s no mixing columns step (Step 6), but the other operations still occur.

AES Key Lengths

AES encryption comes in 3 key lengths, each offering a different level of security. A 128-bit key has several billion possible combinations, a 192-bit key has even more, and a 256-bit key has an astronomical number of combinations, making it virtually impossible to crack.

While AES-256 is the strongest, it requires more computer resources, like power and processing speed, which may slightly affect battery life or encryption speed. However, the difference in the resources needed between AES-128 and AES-256 is so minimal that AES-256 has become the preferred choice for password managers, VPNs, and many other trusted cybersecurity tools. And even if a product uses 128-bit AES, it’s still incredibly secure and has never been cracked.

AES Decryption

The decryption process is the reverse of the encryption process. It starts by applying the final round key to the ciphertext using an XOR operation, followed by a series of reverse steps — shifting rows, byte substitution, and mixing columns (in reverse order). The key expansion is also applied in reverse, using the pre-expanded keys in each round to transform the data back into its original state.

During AES decryption, the number of rounds is the same as during encryption, but the operations are applied in reverse order. For AES-128, AES-192, or AES-256, the process repeats for the corresponding number of rounds, with the final round skipping the mixing columns step.

Once all rounds are completed, the output is the original plaintext data, fully restored from the scrambled ciphertext — but only if the correct decryption key is used. This ensures that data remains secure, as only the correct key can unlock the encrypted information.

Common Uses of AES Encryption

AES encryption is widely used to protect sensitive data in cybersecurity. Here are some of its most common applications:

  • VPNs: The top VPNs use 256-bit AES encryption to protect your internet traffic, ensuring that hackers can’t intercept your data when you’re connected to public Wi-Fi. This prevents cybercriminals from accessing sensitive information like passwords, emails, and financial details.
  • Password managers: Password managers (like Dashlane, for instance) use 256-bit AES encryption to securely store and protect your login credentials. AES ensures that only you, with the correct master password, can decrypt and access your stored passwords, adding an extra layer of security.
  • Online banking: Banks and financial institutions use AES to encrypt sensitive information during transactions, ensuring your personal and payment details remain private. AES prevents unauthorized parties from gaining access to your account, protecting you from identity theft and fraud.
  • Government communications: Governments worldwide use AES to safeguard classified information and secure communications. Given its strength, AES protects sensitive national security data, preventing unauthorized access even from highly advanced cyberattacks.
  • Email encryption: Many email services use AES encryption to secure email contents, ensuring that private communications remain protected during transmission. This prevents eavesdropping and ensures that only the intended recipient can read the message.
  • File encryption: AES is widely used for encrypting files and documents, both on your devices and during transfers. This ensures that sensitive files, such as business contracts, legal documents, or personal information, are protected from unauthorized access.
  • Cloud storage: Cloud service providers use AES encryption to safeguard files stored in the cloud. Whether you’re storing photos, work documents, or backups, AES ensures that your data is encrypted before it leaves your device, preventing breaches and data theft.
  • Mobile devices: Smartphones and tablets often use AES encryption to secure user data, including contacts, messages, and app data. This protects personal information in the event of a lost or stolen device, ensuring that unauthorized users can’t access your sensitive data.

AES vs. Data Encryption Standard (DES)

AES is much stronger and more secure than the older DES. One of the main differences is the key size: AES supports key lengths of 128, 192, and 256 bits, while DES only has a 56-bit key. This makes AES much harder to crack, as modern computers can easily break DES due to its small key size.

AES also works faster and more efficiently. DES uses 64-bit blocks of data, while AES processes data in 128-bit blocks, allowing it to handle larger volumes of information more effectively.

AES is now the standard for secure encryption worldwide, just as Transport Layer Security (TLS) has replaced Secure Sockets Layer (SSL) for secure online connections.

AES vs. RSA

AES and RSA are both popular encryption methods, but they work differently and are used for different purposes. AES is a symmetric encryption method, which means it uses the same key for both encryption and decryption. This makes it fast and efficient, which is why it’s often used to encrypt large amounts of data, such as files or communications.

In contrast, Rivest–Shamir–Adleman (RSA) is an asymmetric encryption method, which uses two keys: a public key for encryption and a private key for decryption. While RSA is slower than AES, it’s useful for securely exchanging keys and creating digital signatures, which verify the identity of the sender. In many cases, AES and RSA are used together. RSA encrypts the AES key, which is then used to encrypt data. This combination allows for secure key exchange and efficient data encryption.

Potential Drawbacks of AES Encryption

AES is a highly secure encryption method, but it does have some limitations. One drawback is its performance. Stronger encryption methods, such as AES-256, require more processing power, which can slow down devices with limited resources, like smartphones or IoT devices. For instance, encryption-heavy applications on older smartphones may experience noticeable delays.

Key management is another challenge. The security of AES depends on how well encryption keys are stored and protected. If keys are compromised or lost, such as in a data breach, the encryption can easily be bypassed. For example, if an attacker gains access to the key storage of a poorly secured device, they can decrypt sensitive data.

AES can also be vulnerable to side-channel attacks. A side-channel attack is a cybersecurity exploit where attackers extract sensitive information by analyzing unintended physical or operational characteristics of a system, such as timing, power consumption, electromagnetic emissions, or acoustic signals, rather than directly targeting software vulnerabilities.

So, while the AES algorithm itself is secure, attackers can exploit weaknesses in how a system handles encryption. For example, power consumption or timing delays could reveal information about the key. Since AES’s adoption, various cybersecurity researchers have demonstrated and documented that observing power consumption patterns during encryption could allow attackers to deduce AES keys.

Lastly, improper implementation of AES can create vulnerabilities. Even though AES is a strong algorithm, if it’s incorrectly configured — such as using weak keys or flawed encryption routines — attackers can bypass the encryption. For instance, using hardcoded keys or failing to properly randomize keys can leave systems open to attack.

Frequently Asked Questions

The listings featured on this site are from companies from which this site receives compensation and some are co-owned by our parent company. This influence: Rank and manner in which listings are presented. 
Learn more
About the Author
Ana Jovanovic
Updated on: December 16, 2024

About the Author

Ana Jovanovic is an editor at SafetyDetectives. She has nearly a decade of experience editing, proofreading, fact-checking, and rewriting content for dozens of websites covering various topics, including two dedicated to antiviruses, VPNs, parental controls, and password managers. Prior to joining the SafetyDetective team, she led a team of SEO content editors working in several niches, including cybersecurity, finance, and technology. Ana has also worked in printed media and the book publishing industry as an editor and translator. When she's not working, she enjoys reading, cooking, and taking care of her plants — she has over a hundred of them!

Leave a Comment