By Ben Puzzuoli, Director Sales & Marketing at DataDepositBox
March 24, 2016

Data Deposit Box Cloud Backup Expert Tips: What is 256 bit Encryption and How Does it Work?

In today’s cloud backup market, many service providers offer data encryption of all kinds. However, what we believe to be the most standard and secure version of encryption today is 256-bit AES. So, let's decrypt what 256-bit AES encryption really is, historically and technically, and understand its importance to your business today.

How does 256-bit encryption work?
AES is an abbreviation for Advanced Encryption Standard. It is a symmetric key encryption standard that has been adopted by the US Government and several governments across the world. The standard consists of three block ciphers known as AES-128, AES-192 and AES-256. These block ciphers have been adopted from a collection of ciphers that were originally published as Rijndael. Rijndael was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen.

While there are different levels of AES encryption, 256-bit is generally preferred over 128-bit encryption because it means that there are 2^88 [2 to the power of 88] more combinations and a code that ranges in the trillions. Obviously all of this is to work towards the goal of making the data hacker proof.

How does this encryption standard work? AES is designed on the principle known as the substitution-permutation network. It can be implemented in both software and hardware and, unlike DES (Data Encryption Standard), it does not use the Feistel network (which uses reverse key schedules for encryption and decryption).

Fixed blocks are used in AES. The block size cannot be less than 128 bits or more than 256 bits. The key sizes can be in multiples of 32 bits with a minimum of 128 bits and no maximum limits. AES operates on a 4 x 4 array of bytes known as the State. The calculations are also done in a special finite field.

The AES cipher is really a number of repetitions of transformation rounds that are used to convert the plain text into the final encrypted text. The rounds consist of several steps, including the step that uses the encryption key defined by the user. A set of reverse rounds is then used to transform the cipher text back into user-readable text using the encryption key.

The first step in the encryption process is the KeyExpansion round, in which round keys are derived from the cipher key using Rijndael’s Key Schedule. The next step combines the state with the round key using bitwise XOR. The third step is a substitution step in which each byte is replaced with another byte in accordance with a lookup table. The transposition step (ShiftRows) then shifts the rows cyclically by a certain number of steps.

The MixColumns step mixes the columns of the state and combines the four bytes in each column. The AddRoundKey step then adds a round key and the steps are iterated again. 256-bit AES encryption goes through 14 rounds.

How secure is AES encryption? There are very few published attacks against AES implementations, and most of these were side-channel attacks (attacks on the implementation of the cipher on a system and not on the underlying cipher itself). It is believed that the design and strength of the key length protects the AES algorithm, and a 256-bit key length is considered to be ideal for top-secret information.

You cannot afford to compromise on data security, and 256-bit AES is one of the most secure methods of data encryption available in the market today. So, make sure one of the key benefits of your chosen online backup service provider is 256-bit AES encryption of your data, in flight and at rest wherever it is stored.

Data Deposit Box is a Toronto, Canada-based company that uses state-of-the-art, patented technology to provide cloud backup and recovery, and business continuity services to businesses around the world. Your data is securely and automatically stored off-site in private, certified facilities. Stored data is accessible 24/7 with monitoring and support provided by certified experts.

About the Author: Ben Puzzuoli is Director of Sales & Marketing at DataDepositBox, a Toronto-based cloud data backup service provider, which is listed on both the Toronto and Frankfurt Stock Exchanges. DataDepositBox technologies and solutions are currently used daily by over 200,000 customers, 1,000 resellers, 25 MSPs and private label partners for cloud backup and recovery, archiving, disaster readiness, secure file sharing and remote access. Visit the DDB website here: www.DataDepositBox.com

 

 
