Before I watched this video I had no idea how AES worked. Now I've watched it and still have no idea how it works.

Computerphile and Numberphile are a blessing. I remember my math classes in college and we were taught different things about math but we were never told what they were used for. Now after seeing these videos I literally feel like I'd actually even enjoy learning maths. It makes sense because now I know why something is useful and when it may come in handy...

I knew what AES is for over 8 years but today I learned how it works

There is an issue with the animation at 11:02. Matrix multiplication is not commutative, the matrix has to be multiplied from the left ( the shown multiplication is not even doable)

I love his explanations but these videos give me the feeling that camera-man just randomly bursts in to Mikes office and asks him random questions.

He taught the nitty gritty, your way of teaching and breaking things up to chunks is just wow. Thankyou Man, you just won my heart. Watching this is 2024 makes sense 😄🚀

Just a correction: the vector operand at 10:59 should be on the other side of the matrix. Matrix multiplication is undefined in the way you have it written because the sizes of the vector and the matrix don’t match.

0:36 Encryption 2:34 XOR 2:55 Process. 3:20 Rounds of encryption. 7:40 Byte replacement. 8:33 Row shifting. 13:00 AES errors and CPU.

Absolutely love the way Mr. Pound teaches. Can listen for hours together. Waiting for many more such interesting videos.

Hey computerphile, thanks to all of the team for sharing the enthusiasm of Computer Science with me and other students, it's easy to find the lectures boring so I come here often to get more insights and intuitions. Being here enables me to learn things casually.

1:46 Drawing a 4 by 4 grid 101: 1. Draw a square (roughly) 2. Draw a vertical line through the middle. 3. Draw 2 more vertical lines through the middle of each half. 4. Draw a horizontal line through the middle. 5. Draw 2 more horizontal lines through the middle of each half.

I just want to say this is a great description of Galois fields in practical use. I learned it from textbooks way back when, and it was mind boggling.

You're an excellent teacher, you took something very complicated and made it easy even for someone like myself who only has A level education in maths.

Thank you for making these videos. I have been watching them for years, finding the algorithms fascinating and the explanations very easy. As a second year cs student I must say that watching this channel realy helps me now more than ever. Keep up the awesome work!

a lecture of 1.5 hours didn't understand it , just watched this video understood it in 14 min , TY you saved my semester .

itd be insane if he actually encrypted a message going to all of those steps not much was talked about the generation and usage of the key

I just talked a few hours ago with a colleague about how we could use this encription on an arduino to secure the data sent to a raspberry for a project (never used it before). And now you upload this... I need to use a mic detector in my classroom. Thanks for the explanation!

I literally just learned this yesterday in my cryptography class. Great refresher Dr. Pound!

This man is one of the most interesting people I have ever had the pleasure of listening to. Kudos!

Dr. Mike makes all the logics so charming and interesting. What a pleasure to listen to the logics through him!!

Thank you guys, your explanation is really helpful here, since it wasn't clear how all of this essentially works.

Dude! you're just a legend and so clear in your explanations! What I couldn't stop noticing is the scene you're filmed in. You sitting next to a white board is absolutely identical to watching The Office!

This is a blessing, couldnt be explained more clearly. Could we see an ElGamal cipher video please. Love you guys.

You can tell this stuff makes him very happy. I have no clue how this works after watching this, but I'm happy for him. 🤷🏾‍♀️

"Captain, this vessel seems to be emitting a Galois Field. It has rendered our sensors completely inoperative."

Yes, been excited for more AES since the last video! Always love when you discuss cryptography on this channel.

As mathematicians will have noticed, during the mix columns animation the vector goes on the right, it's correct on the paper. Fabulous animations though as always Sean ;)

Damn I can listen to him for hours, I know what is AES I have used it many times for development but I have never looked into how it actually works. Hands down the best video.

Very well explained. Thank you so much for taking the time to record and post this!

1.5M subscribers! Great job guys :D

FYI the CNSA has recommended organizations stop using AES-128 as of January 2016 in their Algorithm Suite and Quantum Computing FAQ. If possible you should implement AES-256 to better secure from Grover’s algo

The most secure feature when it comes to the AES standard is its matrix being column-major.

10:00 I judge the paper as more than worth it. I really appreciate your videos. Often they provide me with the inspiration for my work even when it has no direct bearing on the task at hand. I was reminded of this when you referenced Turing, because I remember watching the one on Turing operations and it making it easier for me to develop a pickle-based data storage for my app that was significantly faster [in terms of read and write times] than an SQLAlchemy-based solution. I've used the same DB in my last 3 Android apps and every time I initialize that git submodule, I say a little thank-you to Alan Turing and Computerphile for giving me the courage to try something more ambitious than a command-line tool or Django-site. Baie dankie, from Southern Africa.

Great video. I'm shocked that they still have music rule paper! Gives me nightmares of the IBM band printers I used to have to deal with on a S/38 :)

I implemented AES and RSA in C++. AES is about 800 lines. RSA is about 300 lines. The thing that makes AES fast is that its bitshifts and bitwise xors. The 2 things that make RSA slow is mod exponentiation and prime number testing. Prime number test is an O(1) problem as you only do it once. So if you have a key pair, don't throw it out of you can avoid it. The mod exponentiation has to be done repeatedly and on large numbers that aren't native to machine code, numbers that are can get up to 4kbits longs.

Dr. Mike rocking! Best Man for teaching things with Humor! I just want to know everything he knows ._.

OMG we just ended the semester and AES was covered in one of my modules! Wish i had this video a while back...Thanks for the upload though :)

Was hoping this would come out

Great job on explaining it guys! Thank you for making these for free!

i spent around 5 minutes furiously scrolling through computerphile videos trying to find "how aes works" because it was in the end of the previous video, and i couldnt find it so was a bit puzzled. I found other encryption content, but not this video. Turns out this one is uploaded AFTER the last video recommending it 👍😁

The interview part looks like The Office lol

My professor Joan Daemen co-invented this cipher, really cool to be taught by one of the best!

This is the only channel on KZbin which I have the notifications turned on. Love computerphile 😍

When the plaintext block length is 128, the number of iteration rounds is 10. When the plaintext block length is 192, the number of iteration rounds is 12. When the plaintext packet length is 256, the number of iterations is 14

How does this one guy know such a ridiculous amount about all this stuff, honestly really impressive

This is shockingly close to a cypher I designed knowing nothing, except instead of an intelligently designed S-box I generated unique lookup tables for each round using Fisher-Yates on a secure PRNG seeded with the key. (And that was the only way the key was used, there was no key XOR step).

Just last week I gave a presentation on how AES works and now this video is coming out. Anyway, I liked the video and can confirm that what he was talking about is correct :)

Woow I was thinking of this TODAY and this vid comes out ! Plus its Mike Pound

Idk y but this guy is fun to watch. Like ik some of these concepts and he just makes me understand them more

A separate video on the MDS matrix, with full example, would be nice. Haven't seen a clear example yet.

Just before my security exam, thanks!!

The guy is a Brit of the classical sense from another generation. Love it.

this video is a lot better than the last video I watched

8:29 The AES designers could also have done rotations within the 4x4 grid (e.g., b0 shifts to b1, b4 to b0, b3 to b7, etc.), which is just a 4x4 cell permutation, but they didn't.

these videos are amazing and very helpful but please do consider to put subtitles as there are a lot of people who do watch them and are from other couintries. English subtitles would be amazing!!!thanks

Brilliant explanation. A very helpful video for beginners who wish to learn the AES algorithm.

AMD and INTEL have the AESNI instructions which are AESKEYGENASSIST,AESENC,AESENCLAST,AESDEC,AESDECLAST,AESIMC,PXOR and PCLMULQDQ and make use of the 128 data busses that are part of processors in the INTEL AND AMD ranges,therefore there are no side channel attack vectors, actually the AMD A10-7800k (Kavari) can make use of the AESNI instructions so can run bitlocker very quickly.

this guy is a genius at so many different topics !

Hello. Can you explain the difference between AES and Twofish? I believe that Twofish was the runner up in the competition to select the standard encryption algorithm back in 1999 (I think)

as a cyber security student... this was as informative as it was confusing lol

Best explanation I've found so far. Thank you.

Could you please add another video about the Key Schedule process ? Because for every round we need to use a different subKey that is created during the Key Schedule process. This is important for a full picture of the algorithm.

8:01 - No byte can become itself? Wasn't that the CRUX of how the enigma machine was defeated?

I prefer twofish. AES has many more troubling mathematical issues shall we say. Its not broken by any means, but twofish is far less far along the pipeline to becoming broken. I initially didn't want to detail what these were due to the time it'd take, but considering the only response was to say shut up instead of to do any research or anything, I decided to detail them in the responses bellow if anyone is interested. I also talk about other Ciphers used by other countries (as some countries like Japan have their own standards of cipher and rely on them over AES) and how these compare to AES.

Matrix Multiplication isn't commutative and the operation shown in the animation in undefined since it's 4x1 times 4x4 rather than 4x4 x 4x1

this is amazing i always wanted to learn the mechanics about AES

After watching this video im asking myself can you better have not the grid but only one key or the other way around?

wow, funky, nice to learn how ASE works, and also love Dr Mike's presentation style. G

Thank you for this amazing video about AES...congrats

You just compressed a 3 hour lecture into 15 minutes for me

11:01 that's some incorrect linear alge🅱️ruh right there

Thanks prof. Can you explain about the Authentication tag using in AES GCM? What is the different between GCM tag and authentication tag? Thank you

Hello, Just to say that the content guys put forth is so much helpful in many ways.. masters really!! Only thing is sometimes its difficult to understand what they say ... not quite familiar with the accent ... please kindly make captions/subtitles available... it will help us to understand better ... Thanks in advance

You should make a video about chacha20 and salsa20 encryption algorithms. They're modern, much faster and are not vulnerable to side-channel attacks like cache-timing attacks.

I was lost after plain text... but fascinating nonetheless. Kudos to all the commenters here with such amazing knowledge, such valuable minds you have. I will just stick to iOS calculator app for my math needs.

It is very easy to attack software implementations of AES because the constants used in the tables aid to identify the software logic performing the transform operations. Hardware crypto engines can be attacked by watching bus, you have a horse to water or water to horse problem with your data and the key. Only trusted computing can somewhat reliably protect keys and data if you get the horse and water problem correct.

Gawd I thought I was starting an office sketch here and ended up getting fooled into knowledge

Can you explain the iv? (Initialisation vector) and why having a unique iv helps?

You are great sir the way of explanation is very nice thanks sir ☺️ for AES explanation

I was wondering a few days ago about how BitLocker and the like are so quick to decrypt. It makes sense now knowing the security chip is capable of being so quick.

Don't the shift rows and mix columns operations combine into mixing the diagonals?

This is the first time I feel empty-handed after a Computerphile video . I really didn't understand what's going on

My professor invented this and is teaching me security right now :)

8:30 Why is it called Shifting the Rows? As, it's a Row Rotation instead.

When Computerphile is more math-oriented than Sixty Symbols...

I wish you released this in April before my exams

We actually did this at uni, pen and paper, same with DES, ofc did it with fewer rounds. Still a big pain in the ass tho.

Chemist here... AES = atomic emission spectrum

Oops, the matrix multiplication was represented incorrectly in animation (it’s not commutative). But the video was lovely regardless!

An improvement could to use 3D Matrix and use even the GPU + modern CPU AES Instructions to hardware accelerate the encryption and decryption, very interesting method

So many steps were skipped. Why skip the replacement field or the key expansion?

Wow, this is beautifully explained!

Just a thought, u had a board and maybe use the board to explain instead of the paper. Because for some people, the sound of a marker writen onto a paper is disturbing. Great explanation nonetheless. Thanks a lot.

Can you do more videos where you work with images. Those are awesome. Encryption is fun to, but the result is less visible in daily life and as such, it is harder to appreciate.

A video on Galois Field would be more refreshing

Absolutely great way to share, great job!

In the Galois Field, multiplication and inverse are not opposites, multiplication by n and multiplication by inverse of n are

I recently implemented a "custom" (and by that I mean that I completely omitted certain parts, like the different key each round) version of the AES standard for a java based server I have. I'm sure it would have been more useful if the messages I sent didn't come from within my home network

While the number field sieve is the best method currently known, there exists an intriguing possibility for a far more elegant approach...

Very interesting video! Thanks for the insights.