AES implementations

From Infogalactic: the planetary knowledge core
Jump to: navigation, search

There are various implementations of the Advanced Encryption Standard, also known as Rijndael.


AES speed at 128, 192 and 256-bit key sizes. [clarification needed][citation needed]

Rijndael is free for any use public or private, commercial or non-commercial. The authors of Rijndael used to provide a homepage[1] for the algorithm. Care should be taken when implementing AES in software. Like most encryption algorithms, Rijndael was designed on big-endian systems. For this reason, little-endian systems, which include the common PC, return correct test vector results only through swapping bytes of the input and output words.

The algorithm operates on plaintext blocks of 16 bytes. Encryption of shorter blocks is possible only by padding the source bytes, usually with null bytes. This can be accomplished via several methods, the simplest of which assumes that the final byte of the cipher identifies the number of null bytes of padding added.

Careful choice must be made in selecting the mode of operation of the cipher. The simplest mode encrypts and decrypts each 128-bit block separately. In this mode, called "electronic code book (ECB)", blocks that are identical will be encrypted identically, which is entirely insecure. This will make some of the plaintext structure visible in the ciphertext. Selecting other modes, such as empressing a sequential counter over the block prior to encryption (CTR mode) and removing it after decryption avoids this problem.

  • Current list of FIPS 197 validated cryptographic modules (hosted by NIST)
  • Current list of FIPS 140 validated cryptographic modules with validated AES implementations (hosted by NIST) - Most of these involve a commercial implementation of AES algorithms. Look for "FIPS-approved algorithms" entry in the "Level / Description" column followed by "AES" and then a specific certificate number.

C/ASM library

C++ library

  • Botan has implemented Rijndael since its very first release in 2001
  • Crypto++ A comprehensive C++ semi-public-domain implementation of encryption and hash algorithms. FIPS validated

C# /.NET



  • PyCrypto - The Python Cryptography Toolkit PyCrypto
  • keyczar - Cryptography Toolkit keyczar


  • SJCL library - contains JavaScript implementations of AES in CCM, CBC, OCB and GCM modes
  • AES-JS - portable JavaScript implementation of AES ECB and CTR modes
  • Forge - JavaScript implementations of AES in CBC, CTR, OFB, CFB, and GCM modes
  • asmCrypto - JavaScript implementation of popular cryptographic utilities with focus on performance. Supports CBC, CFB, CCM modes.
  • pidCrypt - open source JavaScript library. Only supports the CBC and CTR modes.


Archive and compression tools

File encryption

Encrypting File Systems

Disk / Partition encryption

Security for communications in Local Area Networks


  • DataLocker Uses AES 256-bit CBC and XTS mode hardware encryption
  • GPG, GPL-licensed, includes AES, AES-192, and AES-256 as options.
  • IPsec
  • IronKey Uses AES 128-bit and 256-bit CBC-mode hardware encryption
  • KeePass Password Safe
  • LastPass[4]
  • Linux kernel's Crypto API, now exposed to userspace
  • Pidgin (software), has a plugin that allows for AES Encryption
  • SocialDocs file encryption uses AES256 to provide a free-online file encryption tool.
  • PyEyeCrypt[5] Free open-source text encryption tool/GUI with user-selectable AES encryption methods and PBKDF2 iterations.
  • TextSecure
  • XFire uses AES-128, AES-192 and AES 256 to encrypt usernames and passwords
  • Certain games and engines, such as the Rockstar Advanced Game Engine used in Grand Theft Auto IV, use AES to encrypt game assets in order to deter hacking in multiplayer.


  • Intel and AMD processors include the AES instruction set.
  • On IBM zSeries mainframes, AES is implemented as the KM series of assembler opcodes when various Message Security Assist facilities are installed.
  • SPARC S3 core processors include the AES instruction set, which is used with SPARC T4 and SPARC T5 systems.


  1. Original homepage and archived copy
  2. "Microsoft AES Cryptographic Provider".<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  3. "System Administration Guide: Security Services, Chapter 13 Solaris Cryptographic Framework (Overview)". Oracle. September 2010. Retrieved 2012-11-27.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
  4. AES 256-bit encryption with routinely-increased PBKDF2 iterations
  5. PyEyeCrypt at github Windows, OSX and Linux binaries and Python source code included in release v1.1