![Understand Symmetric Encryption and AES](https://cdn.slatesource.com/3/0/4/304e9c23-46b8-401c-990e-b38c7f25e5fe.jpg) # Understand Symmetric Encryption and AES - [Made in Slatesource](https://slatesource.com/s/1033) - By [KaiRenner](https://slatesource.com/u/KaiRenner) - Science & Technology - Created on Mar 23, 2026 ## Symmetric Encryption and the AES Competition Symmetric encryption uses the same key to encrypt and decrypt. It is fast — a modern CPU can encrypt gigabytes per second with hardware-accelerated AES — but it requires both parties to already share the key. AES (Advanced Encryption Standard) became the global standard in 2001 through an open international competition organized by NIST. Fifteen algorithms from teams around the world were submitted, publicly analyzed over four years, and Rijndael — designed by Belgian cryptographers Joan Daemen and Vincent Rijmen — won on the combination of security, efficiency, and elegant simplicity. > The AES process was a landmark in cryptographic standardization. For the first time, the selection was entirely open: anyone could submit an algorithm, anyone could cryptanalyze the candidates, and the evaluation criteria were published in advance. The re > > — KaiRenner · 24th of March 2026 How AES Transforms a Block AES operates on 128-bit blocks arranged as a 4x4 grid of bytes. Each of the 10 rounds (for AES-128) applies four operations in sequence. SubBytes substitutes each byte using a non-linear lookup table called the S-box, providing confusion. ShiftRows rotate Block Cipher Modes of Operation AES encrypts exactly one 128-bit block. Real messages are longer and have variable length, which requires a mode of operation. Electronic Codebook (ECB) mode encrypts each block independently — identical plaintext blocks produce identical ciphertext block GCM Mode and Nonce Reuse Galois/Counter Mode (GCM) combines CTR encryption with a Galois field authenticator, producing both ciphertext and an authentication tag. The combined primitive is called an AEAD: Authenticated Encryption with Associated Data. GCM requires a unique nonce When to Use Which AES Mode 0% Use AES-GCM (or ChaCha20-Poly1305) for any new symmetric encryption — it provides both confidentiality and authentication Never use ECB mode for data with patterns — identical plaintext blocks produce identical ciphertext CTR mode provides confidentiality but no authentication — always add a separate MAC if using CTR Generate nonces randomly using a cryptographically secure random number generator — never use a counter shared across reboots For disk encryption, AES-XTS is the standard mode — it handles the fixed-size-sector access pattern of block devices > AES-NI instructions on modern Intel and AMD CPUs implement each AES round in a single hardware instruction. A single core can encrypt data at memory bandwidth — around 10 GB/s. This makes the performance argument for weaker encryption moot on modern hardware. If a system component uses a faster-but-weaker cipher to avoid the AES performance overhead, it is working from outdated benchmarks. ## Go Deeper: Key Agreement AES solves symmetric encryption — but it requires both parties to already share a key. Agreeing on a secret key over a public channel where anyone can eavesdrop requires completely different mathematics. Diffie-Hellman key exchange solves exactly this problem, and the elegance of its solution is worth understanding from first principles. [How two strangers agree on a shared secret over a channel anyone can listen to.](https://slatesource.com/s/1007?utm_source=slatesource) [NIST FIPS 197 — The AES Standard](https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197-upd1.pdf?utm_source=slatesource)