The IT Law Wiki


The Advanced Encryption Standard (AES) (as published in FIPS 197) is

an encryption algorithm for securing sensitive but unclassified material by U.S. Government agencies and, as a likely consequence, may eventually become the de facto encryption standard for commercial transactions in the private sector.[1]
the Rijndael (pronounced "Rhine Doll") cryptographic algorithm[2] adopted by the National Institute of Standards and Technology (NIST) as the Federal Information Processing Standard (FIPS). The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information.[3]
[a] symmetric encryption mechanism providing variable key length and allowing an efficient implementation specified as FIPS 197.


AES replaced DES and 3DES. It is one of the recommended encryption standards meeting HIPAA requirements. AES may be used by federal departments and agencies when an agency determines that sensitive but unclassified information requires cryptographic protection. In addition, AES may be adopted and used by non-federal government organizations. Such use is encouraged when it provides the desired security for commercial and private organizations.

The algorithm specified in the standard may be implemented in software, firmware, hardware, or any combination thereof.


  1. SearchSecurity, "Advanced Encryption Standard (AES)" (full-text).
  2. Rijndael was developed by Belgian cryptographers Joan Daemen and Vincent Rijmen.
  3. NIST Special Publication 800-46.

See also[]

External resource[]