AES Encryption Explained: How It Works and Why It Matters
AES (Advanced Encryption Standard) is the most widely used symmetric encryption algorithm in the world. It is the standard adopted by the U.S. government for protecting classified information and is used by billions of people every day without even knowing it — from securing Wi-Fi networks to encrypting messages in messaging apps.
What Is AES Encryption?
AES is a symmetric block cipher that encrypts data in fixed-size blocks of 128 bits. "Symmetric" means the same key is used for both encryption and decryption. This makes AES fast and efficient for bulk data encryption, but it also means the key must be kept secret and shared securely between the sender and receiver.
The algorithm was developed by Belgian cryptographers Joan Daemen and Vincent Rijmen and was originally called Rijndael. In 2001, it was selected by the National Institute of Standards and Technology (NIST) as the official encryption standard for the United States.
AES Key Sizes: 128, 192, and 256
AES supports three key sizes. The key size determines the number of encryption rounds and directly affects security strength:
| Key Size | Number of Rounds | Security Level |
|---|---|---|
| AES-128 | 10 rounds | Sufficient for most applications |
| AES-192 | 12 rounds | Suitable for higher security needs |
| AES-256 | 14 rounds | Maximum security, government-grade |
The number after "AES" indicates the key length in bits. AES-256 uses a 256-bit key, providing the highest level of security. While AES-256 is slower than AES-128 due to the extra rounds, the performance difference is negligible on modern hardware for most applications.
How AES Encryption Works
AES operates on a 4x4 grid of bytes called the "state." The encryption process involves several steps that are repeated for each round:
1. Key Expansion
The original encryption key is expanded into a set of round keys — one for each round of encryption. This process generates the necessary subkeys from the original key.
2. Initial Round
The initial round adds the first round key to the state using an XOR operation. This is called AddRoundKey.
3. Main Rounds
Each main round consists of four steps:
- SubBytes: Each byte in the state is replaced with a corresponding byte from a fixed substitution table (S-box). This introduces non-linearity, which is essential for cryptographic security.
- ShiftRows: The rows of the state are shifted cyclically to the left. The first row stays unchanged, the second row shifts by one byte, the third by two, and the fourth by three.
- MixColumns: Each column of the state is transformed using a mathematical operation that mixes the bytes within each column. This step provides diffusion — changing one byte in the input affects multiple bytes in the output.
- AddRoundKey: The round key for the current round is XORed with the state.
4. Final Round
The final round is similar to the main rounds but omits the MixColumns step.
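The diffusion that ShiftRows and MixColumns provide can be measured directly. The following is an added example, not code from the original article: it applies only those two steps (SubBytes and AddRoundKey are left out) and counts how far a one-byte difference spreads. The column-major state layout, the sample state and all function names are choices made for this example.

```javascript
// State: 16 bytes, column-major; byte (row r, column c) is s[r + 4 * c].
// SubBytes and AddRoundKey are left out to isolate the diffusion layer.

// Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11b).
function gmul(a, b) {
  let p = 0;
  for (let i = 0; i < 8; i++) {
    if (b & 1) p ^= a;
    const carry = a & 0x80;
    a = (a << 1) & 0xff;
    if (carry) a ^= 0x1b;
    b >>= 1;
  }
  return p;
}

// ShiftRows: row r rotates left by r positions.
function shiftRows(s) {
  return s.map((_, i) => s[(i % 4) + 4 * (((i >> 2) + (i % 4)) % 4)]);
}

// MixColumns on one column: fixed matrix whose first row is (2, 3, 1, 1).
function mixColumn([a0, a1, a2, a3]) {
  return [
    gmul(a0, 2) ^ gmul(a1, 3) ^ a2 ^ a3,
    a0 ^ gmul(a1, 2) ^ gmul(a2, 3) ^ a3,
    a0 ^ a1 ^ gmul(a2, 2) ^ gmul(a3, 3),
    gmul(a0, 3) ^ a1 ^ a2 ^ gmul(a3, 2),
  ];
}

function mixColumns(s) {
  return [0, 1, 2, 3].flatMap((c) => mixColumn(s.slice(4 * c, 4 * c + 4)));
}

// Run ShiftRows + MixColumns `rounds` times on two states that start one
// byte apart, and count how many of the 16 bytes differ afterwards.
function diffusedBytes(rounds) {
  let a = Array.from({ length: 16 }, (_, i) => i); // constructed sample state
  let b = a.slice();
  b[0] ^= 0x01;
  for (let i = 0; i < rounds; i++) {
    a = mixColumns(shiftRows(a));
    b = mixColumns(shiftRows(b));
  }
  return a.filter((v, i) => v !== b[i]).length;
}

console.log([0, 1, 2].map(diffusedBytes)); // [1, 4, 16]
```

After one round the difference fills a whole column, and after two rounds it reaches every byte of the state.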
Decryption
Decryption reverses the process by applying the inverse operations in reverse order: InvShiftRows, InvSubBytes, AddRoundKey, and InvMixColumns.
AES Cipher Modes
AES encrypts data in blocks of 128 bits. Cipher modes determine how these blocks are chained together to encrypt data larger than a single block:
| Mode | Name | Description | Best For |
|---|---|---|---|
| ECB | Electronic Codebook | Each block encrypted independently | Not recommended — patterns in plaintext remain visible |
| CBC | Cipher Block Chaining | Each block XORed with previous ciphertext | General-purpose encryption |
| GCM | Galois/Counter Mode | Counter mode with authentication tag | Data that needs both encryption and integrity |
| CTR | Counter | Block cipher converted to stream cipher | High-speed applications |
| CFB | Cipher Feedback | Converts block cipher to self-synchronizing stream cipher | Applications needing error recovery |
ECB Mode Warning
ECB mode should not be used for encrypting meaningful data. Because identical plaintext blocks produce identical ciphertext blocks, patterns in the original data remain visible in the encrypted output. This is famously demonstrated by the "ECB penguin" — an image encrypted with ECB still shows the outline of the penguin.
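An added example, not from the original article, that makes this leak measurable: it encrypts a constructed buffer containing repeated 16-byte blocks under ECB and under CBC, then counts the distinct ciphertext blocks. The function names and the sample data are this example's own.

```javascript
const crypto = require('crypto');

// Count how many distinct 16-byte blocks a ciphertext contains.
function distinctBlocks(ciphertext) {
  const seen = new Set();
  for (let i = 0; i < ciphertext.length; i += 16) {
    seen.add(ciphertext.subarray(i, i + 16).toString('hex'));
  }
  return seen.size;
}

function encryptWith(mode, key, plaintext) {
  // ECB takes no IV; CBC gets a fresh random IV on every call.
  const iv = mode === 'ecb' ? null : crypto.randomBytes(16);
  const cipher = crypto.createCipheriv(`aes-256-${mode}`, key, iv);
  cipher.setAutoPadding(false); // sample input is already a multiple of 16 bytes
  return Buffer.concat([cipher.update(plaintext), cipher.final()]);
}

// Constructed sample: five blocks with the pattern A A B A A,
// standing in for a flat region of an image or a run of identical records.
const key = crypto.randomBytes(32);
const plaintext = Buffer.concat([
  Buffer.alloc(32, 'A'),
  Buffer.alloc(16, 'B'),
  Buffer.alloc(32, 'A'),
]);

function compareModes() {
  return {
    ecb: distinctBlocks(encryptWith('ecb', key, plaintext)),
    cbc: distinctBlocks(encryptWith('cbc', key, plaintext)),
  };
}

console.log(compareModes()); // { ecb: 2, cbc: 5 }
```

The same block count is a quick review check: ciphertext whose distinct-block count is well below its total block count was very likely produced with ECB.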
CBC Mode
CBC mode is the most widely used mode for general encryption. It requires an Initialization Vector (IV) — a random value that ensures the same plaintext encrypted twice produces different ciphertext. The IV does not need to be secret but must be unique for each encryption operation.
GCM Mode
GCM mode provides both encryption and authentication in a single operation. It produces a ciphertext and an authentication tag that verifies the data has not been tampered with. GCM is the recommended mode for most modern applications, including TLS 1.2 and TLS 1.3.
How to Encrypt and Decrypt with AES
Online Tool
The AES Encryption / Decryption tool on Help2Code provides a simple interface to encrypt and decrypt text using AES-256-CBC and AES-256-GCM. You can:
- Encrypt plaintext with a password or passphrase
- Decrypt ciphertext back to plaintext
- Choose between CBC and GCM modes
- View the encrypted output in Base64 format
- Copy the encrypted result to clipboard
JavaScript Example
```javascript
const crypto = require('crypto');

const algorithm = 'aes-256-cbc';
const key = crypto.randomBytes(32); // 256-bit key

function encrypt(text) {
  // Generate a fresh 128-bit IV for every message; never reuse one with the same key
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv(algorithm, key, iv);
  let encrypted = cipher.update(text, 'utf8', 'hex');
  encrypted += cipher.final('hex');
  // The IV is not secret, so it is returned alongside the ciphertext
  return { iv: iv.toString('hex'), encryptedData: encrypted };
}

function decrypt(encrypted) {
  const decipher = crypto.createDecipheriv(
    algorithm,
    key,
    Buffer.from(encrypted.iv, 'hex')
  );
  let decrypted = decipher.update(encrypted.encryptedData, 'hex', 'utf8');
  decrypted += decipher.final('utf8');
  return decrypted;
}

const result = encrypt('Hello, World!');
console.log('Encrypted:', result);
console.log('Decrypted:', decrypt(result));
```
Python Example
```python
# Requires PyCryptodome (pip install pycryptodome)
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
import base64


def encrypt_aes(plaintext, key):
    # A new random nonce is generated for each cipher object
    cipher = AES.new(key, AES.MODE_GCM)
    ciphertext, tag = cipher.encrypt_and_digest(plaintext.encode())
    return {
        'nonce': base64.b64encode(cipher.nonce).decode(),
        'ciphertext': base64.b64encode(ciphertext).decode(),
        'tag': base64.b64encode(tag).decode()
    }


def decrypt_aes(encrypted, key):
    nonce = base64.b64decode(encrypted['nonce'])
    ciphertext = base64.b64decode(encrypted['ciphertext'])
    tag = base64.b64decode(encrypted['tag'])
    cipher = AES.new(key, AES.MODE_GCM, nonce=nonce)
    # Raises ValueError if the ciphertext or tag has been modified
    plaintext = cipher.decrypt_and_verify(ciphertext, tag)
    return plaintext.decode()


key = get_random_bytes(32)  # AES-256
result = encrypt_aes('Sensitive data', key)
print('Encrypted:', result)
print('Decrypted:', decrypt_aes(result, key))
```
Best Practices for AES Encryption
- Use a strong key: Generate keys using a cryptographically secure random number generator (CSPRNG). Do not use passwords directly as keys — use a key derivation function like PBKDF2, bcrypt, or Argon2.
- Never reuse IVs: Initialization Vectors must be unique for each encryption with the same key. Reusing an IV with CBC mode exposes relationships between plaintexts.
- Use authenticated encryption: Prefer GCM mode over CBC because it provides integrity verification. If using CBC, pair it with an HMAC to detect tampering.
- Keep keys secure: Store encryption keys in a secure location such as a hardware security module (HSM), a key management service (KMS), or an environment variable.
- Use sufficient key size: AES-256 provides the highest security margin. AES-128 is sufficient for most applications, but AES-256 is recommended for sensitive data.
- Rotate keys regularly: Periodic key rotation limits the amount of data exposed if a key is compromised.
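An added example (not the article's own code and not the Help2Code tool's implementation) that combines three of the practices above: the key is derived from a passphrase with PBKDF2, every message gets a fresh salt and nonce, and GCM rejects a wrong passphrase or modified data. The iteration count, the salt | nonce | tag | ciphertext layout and the function names are assumptions of this example.

```javascript
const crypto = require('crypto');

const PBKDF2_ITERATIONS = 600000; // assumed work factor; tune for your hardware

// Derive a 256-bit key from a passphrase and a per-message random salt.
function deriveKey(passphrase, salt) {
  return crypto.pbkdf2Sync(passphrase, salt, PBKDF2_ITERATIONS, 32, 'sha256');
}

// Output layout (this example's choice): salt(16) | nonce(12) | tag(16) | ciphertext
function encryptWithPassphrase(plaintext, passphrase) {
  const salt = crypto.randomBytes(16);
  const nonce = crypto.randomBytes(12); // fresh for every message
  const key = deriveKey(passphrase, salt);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([salt, nonce, cipher.getAuthTag(), body]).toString('base64');
}

function decryptWithPassphrase(encoded, passphrase) {
  const raw = Buffer.from(encoded, 'base64');
  if (raw.length < 44) throw new Error('ciphertext too short');
  const salt = raw.subarray(0, 16);
  const nonce = raw.subarray(16, 28);
  const tag = raw.subarray(28, 44);
  const key = deriveKey(passphrase, salt);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, nonce);
  decipher.setAuthTag(tag);
  // final() throws when the tag does not verify: wrong passphrase or modified data.
  const body = Buffer.concat([decipher.update(raw.subarray(44)), decipher.final()]);
  return body.toString('utf8');
}

// True when decryption fails authentication (or the input is malformed).
function isRejected(encoded, passphrase) {
  try {
    decryptWithPassphrase(encoded, passphrase);
    return false;
  } catch {
    return true;
  }
}

// Constructed sample message and passphrase.
const sample = encryptWithPassphrase('Sensitive data', 'constructed passphrase');
console.log(decryptWithPassphrase(sample, 'constructed passphrase'));
```

Because the salt and nonce are stored with the ciphertext, the only secret the receiver needs is the passphrase.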
Conclusion
AES encryption is the backbone of modern data security. Understanding how it works — from key sizes and cipher modes to practical implementation — helps you make informed decisions about protecting sensitive data. Use the AES Encryption / Decryption tool to encrypt and decrypt text online, and follow best practices to ensure your data remains secure.