What is AES encryption?

AES, or Advanced Encryption Standard, is a fast, efficient, and secure encryption algorithm developed and certified by the US National Institute of Standards and Technology (NIST).

Because of its strength and reliability, AES is one of the most popular and common types of encryption used in wireless network security, data and disk encryption, online payment systems, cloud storage, password management, and even government and military applications.

For these reasons, the US government uses AES encryption to secure its classified information.

Is AES safe?

Yes. According to the NIST, all AES algorithm key lengths are deemed "sufficient" to protect classified information up to the "Secret" level.

For "Top Secret" information, AES-192 or AES-256 is required.

Proton uses AES-256 in its encryption process, meaning your data is protected by the same standard the US government has approved to secure Top Secret information.

Layers of security

AES encryption is a symmetric-key block cipher, which requires less processing power than asymmetric-key ciphers. Symmetric-key ciphers like AES are orders of magnitude faster than asymmetric ones, making them ideal for encrypting large amounts of data.

With AES encryption, data is encrypted behind the scenes via multiple “rounds,” each of which consists of four different mathematical operations.

Think of these operations as an added layer of protection, each one making the cipher harder to crack.

These mathematical rounds are repeated depending on the key size. AES-128 requires 10 rounds, AES-192 requires 12, and AES-256 has 14 rounds of operations, making it that much tougher to break.

For perspective, AES-256 is 340 billion-billion-billion-billion times harder to crack in a brute force attack than AES-128.

Mitigating attacks

Think of AES as one of the essential building blocks of Proton’s privacy-first suite of products. Not only is AES-256 the foundation of Proton's apps, it's regarded as the world standard for symmetric-key encryption.

While AES encryption is widely considered to be highly secure, improper implementation or key management can lead to weakened systems. That's why we use both symmetric and asymmetric-key encryption at Proton.

When using AES alone, these security risks can be avoided by:

Making sure keys are stored properly and privately

Using an encrypted password manager

Facilitating regular security training to prevent phishing attacks

Protected by Proton

At Proton, we use the OpenPGP standard, which combines both a symmetric algorithm, like AES, with an asymmetric one. Together, Proton's services are fast, secure, and mathematically ensured.

In 2014, we launched Proton with support from people like you, through a crowdfunded effort. The scientists who created Proton envisioned a better internet for everyone, where every app used has your privacy in mind.

We're always looking for new ways to innovate in the privacy-tech sector, and to this very day, that starts with our community.

Privacy is something we all benefit from, and collectively, we all lose when our privacy is threatened. When you choose to protect your privacy with Proton, you're not just safeguarding yourself — you're creating a better internet for everyone.

Get a Proton account for free