There are various implementations of the Advanced Encryption Standard, also known as Rijndael.
Rijndael is free for any use public or private, commercial or non-commercial. The authors of Rijndael used to provide a homepage for the algorithm. Care should be taken when implementing AES in software. Like most encryption algorithms, Rijndael was designed on big-endian systems. For this reason, little-endian systems return correct test vector results only through swapping bytes of the input and output words.
The algorithm operates on plaintext blocks of 16 bytes. Encryption of shorter blocks is possible only by padding the source bytes, usually with null bytes. This can be accomplished via several methods, the simplest of which assumes that the final byte of the cipher identifies the number of Null bytes of padding added.
Careful choice must be made in selecting the mode of operation of the cipher. The simplest mode encrypts and decrypts each 128-bit block separately. In this mode, called "electronic code book (ECB)", blocks that are identical will be encrypted identically. This will make some of the plaintext structure visible in the ciphertext. Selecting other modes, such as empressing a sequential counter over the block prior to encryption (CTR mode) and removing it after decryption avoids this problem.
- Current list of FIPS 197 validated cryptographic modules (hosted by NIST)
- Current list of FIPS 140 validated cryptographic modules with validated AES implementations (hosted by NIST) - Most of these involve a commercial implementation of AES algorithms. Look for "FIPS-approved algorithms" entry in the "Level / Description" column followed by "AES" and then a specific certificate number.
Actionscript 3 Edit
- BSD licensed cryptography library that provides several common algorithms including AES-128, AES-192 and AES-256
C/ASM library Edit
- GPL-licensed Nettle library also includes an AES implementation
- PolarSSL - lightweight double-licensed (GPL or commercial), written in C
- A compact byte-oriented AES-256 implementation (C, OpenBSD license)
- A byte-oriented public domain in C
- BSD licensed from Brian Gladman
- Public-domain from D.J. Bernstein
- Public domain C from Philip J. Erdelsky
- Cryptographic Application Programming Interface or CAPI, Microsoft's Cryptography API
- A simple commented implementation in C/C++ aimed at beginners
- Simple, thoroughly commented implementation of 128-bit AES / Rijndael using C for learning
- An AES-256 cryptographic module for Python written in C.
- New AES software speed records and AES speed with source code part of the estreambench toolkit.
C++ library Edit
- Botan has implemented Rijndael since its very first release in 2001
- Crypto++ A comprehensive C++ semi-public-domain implementation of encryption and hash algorithms. FIPS validated
- Chris Lomont's version of AES under the zlib License
- Loop AES / AES PIpe and other fun Linux/Unix tools
C# /.NET Edit
- "Keep Your Data Secure with the New Advanced Encryption Standard" A detailed explanation with C# implementation by James D. McCaffrey.
- As of version 3.5 of the .NET Framework, the System.Security.Cryptography namespace contains both a fully managed implementation of AES and a managed wrapper around the CAPI AES implementation.
- Bouncy Castle Crypto Library
- Martin Offenwanger's GPL-licensed AES source code written in Delphi
- Arnaud Bouchez's another AES source code written in Delphi and i386 assembler
- David Barton's implementation in Delphi, as part of a suite of hashes and ciphers called DCPcrypt: OIS-Certified open source
- Delphi Encryption Compendium in an open source cryptographic library, Freeware/MIT-licensed
- TurboPower Lockbox in an open source AES implementation available on SourceForge. A Delphi 2010 compatible version is available on SongBeamer.
- Java Cryptography Extension, integrated in the Java Runtime Environment since version 1.4.2 (see example code)
- IAIK JCE, (see features)
- Bouncy Castle Crypto Library
- Calculator in java script (in Portuguese)
- Direct implementation of standard transparently coded, with counter mode of operation
- Calculator showing intermediate values
- Simple 128/192/256-bit AES with hexadecimal inputs
- Gibberish Library, OpenSSL compatible with CBC operation, and very efficient. MIT Licensed
- pidCrypt Crypto Library, both CTR and CBC mode of operation. ISC Licensed
- JavaScrypt, slightly modified version of Fritz Schneider original implementation
- ironclad, Common Lisp cryptography library.
- Common Lisp AES implementations using 8 and 32 bits arithmetic.
- Emacs Lisp
Other languages Edit
- LGPL 128bit Implementation in PHP (Registration required)
- phpseclib LGPL implementation in PHP supporting 128, 192, and 256-bit keys.
- Rijndael Inspector Program made in Flash to encrypt/decrypt using AES-128.
- Crypt::Rijndael for Perl
- Crypto for Erlang implements AES (binding for Openssl)
- Mcrypt for PHP
- dcrypt for the D (programming language) implements AES
- Codec.Crypto.AES is a Brian Gladman's C code + Haskell wrapper. Implements 128, 192, 256 bit AES (BSD License)
- Simple, thoroughly commented implementation of 128-bit AES / Rijndael using Google Go aka Golang for learning
Archive and compression tools Edit
Disk encryption Edit
- BitLocker (part of "Enterprise" and "Ultimate" editions of Windows Vista and Windows 7 operating systems)
- FileVault (part of the Mac OS X operating system, and also the included Disk Utility makes AES-encrypted drive images)
- Geli (software)
Security for communications in Local Area Networks Edit
- IEEE 802.11i, an amendment to the original IEEE 802.11 standard specifying security mechanisms for wireless networks, uses AES-128 in CCM mode.
- The ITU-T G.hn standard, which provides a way to create a high-speed (up to 1 Gigabit/s) Local area network using existing home wiring (power lines, phone lines and coaxial cables), uses AES-128 for encryption.
- GPG, GPL-licensed, includes AES, AES-192, and AES-256 as options.
- IronKey Uses AES 128-bit and 256-bit CBC-mode hardware encryption
- OpenSSL includes AES cipher support as of version 0.9.7 (released in 2002) and is dual-licensed under the terms of the OpenSSL License and the original SSLeay license. FIPS validated via IBM
- Pidgin (software), has a plugin that allows for AES Encryption
- XFire uses AES-128, AES-192 and AES 256 to encrypt usernames and passwords
- CyaSSL includes AES cipher support YaSSL HomePage
Future Intel and AMD processors will include AES instruction set - hardware version of AES.