Intro to The AES-256 Cipher
AES, or “Advanced Encryption Standard”, is an encryption specification that uses the Rijndael cipher as its symmetric key ciphering algorithm. AES encrypts a message with a private key, and no one but the key holder can decrypt the message. A great example of a good use-case for AES-256 is encrypting all the data on the hard drive of a computer when it’s not in use.
Asymmetric encryption is preferred when you want someone to be able to send you encrypted data, but you don’t want to share your private key.
The secret key used in AES-256 must be 256 bits long. In order to use a password or passphrase as the key, a hashing algorithm needs to be used to extend the length.
The shorter the password or passphrase, the easier it is for an attacker to decrypt the data by guessing passwords, hashing them, and attempting to decrypt the message. In order to mitigate this threat, some applications enforce safeguards, such as using a KDF.
1. Choose a password, then derive a short key from that password (using a function like Scrypt or SHA-256). This short key will then be expanded using a key schedule to get separate “round keys” for each round of AES-256.
