Advanced Encryption Standard 256 (AES-256)

Security+ 🏆 • Cryptography 🔒 • Difficulty: free

Definition

AES-256 is a symmetric block cipher using 256-bit keys to encrypt 128-bit blocks. With authenticated modes like GCM or CCM, AES-256 provides strong confidentiality and integrity for data at rest and in transit.

Examples

TLS 1.3 negotiates TLS_AES_256_GCM_SHA384 to protect web sessions with authenticated encryption.
A laptop’s full-disk encryption uses AES-256-XTS to secure sectors without revealing patterns.

Discover 🔎

AES-256 is the 256-bit key variant of AES, chosen when organizations want the highest commonly deployed symmetric strength. The cipher itself is the same family as AES-128/192; the difference is key length and number of rounds (AES-256 uses 14). Security depends more on the mode (e.g., GCM), key management, and nonce discipline than on key size alone, but 256-bit keys add future-proofing and regulatory comfort in many environments.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.