Definition
AES-256 is the 256-bit-key variant of the Advanced Encryption Standard (AES), a symmetric-key block cipher standardized by the U.S. National Institute of Standards and Technology (NIST) in 2001 as FIPS 197. It operates on 128-bit blocks of data using 14 rounds of substitution, permutation, and mixing transformations. The "256" refers to the key length in bits: there are 2^256 possible keys, so exhaustive search is infeasible by any physical measure, and no foreseeable growth in conventional computing power changes that.
AES replaced the aging Data Encryption Standard (DES) after a public competition that NIST ran from 1997 to 2000. The winning algorithm, Rijndael, designed by Joan Daemen and Vincent Rijmen, was selected from 15 candidates based on security margin, performance across hardware and software implementations, and resistance to known cryptanalytic attacks. Rijndael itself allows block sizes of 128, 192, or 256 bits; the standard fixes the block size at 128 bits and permits only the three key lengths of 128, 192, and 256 bits.
Why It Matters
CNSS Policy 15 (2003) approved AES for protecting U.S. classified information up to TOP SECRET, requiring 192- or 256-bit keys at that level; the Commercial National Security Algorithm (CNSA) suite that succeeded it specifies AES-256 outright. AES-256 is also the cipher of choice for virtually every major technology platform. Apple uses AES-256 for hardware-backed file encryption (Data Protection) on iPhone. Signal's message encryption uses AES-256 in CBC mode with HMAC-SHA256, with keys agreed over Curve25519. AWS, Azure, and Google Cloud all default to AES-256 for server-side encryption of customer data at rest.
The global encryption software market reached $16.5 billion in 2024 and is projected to exceed $42 billion by 2030, with AES-256 underpinning the vast majority of implementations. Its ubiquity is earned: more than 25 years of public cryptanalysis by academic and government researchers have produced no practical attack on the full cipher, and the best single-key attack known shaves less than two bits off the 256-bit exhaustive-search bound.
That attack is the biclique attack (Bogdanov, Khovratovich, and Rechberger, 2011), which lowers the cost of key recovery from 2^256 to about 2^254.4, a factor of roughly three (2^1.6) with no practical consequence. Two caveats a practitioner should know. First, in the related-key model, where the attacker can obtain encryptions under keys that differ by chosen amounts, Biryukov and Khovratovich (2009) showed an attack on full AES-256 with time and data on the order of 2^99.5; it exploits the comparatively weak AES-256 key schedule, does not apply when keys are independently random as in any well-designed protocol, and is the reason AES-256 should never be used with keys related by XOR or simple derivation. Second, Grover's algorithm on a large quantum computer would reduce exhaustive search to the order of 2^128 operations, which is the main reason AES-256 rather than AES-128 is specified where a post-quantum margin is wanted.
How It Works
AES-256 encrypts data through a series of well-defined stages:
- Key expansion: The 256-bit key is expanded into 15 round keys of 128 bits each (one for the initial AddRoundKey plus one per round, 60 32-bit words in total) using the Rijndael key schedule; AES-256 is the only key size whose schedule applies an extra SubWord step mid-cycle.
- Initial round: The plaintext block is XORed with the first round key (AddRoundKey).
- Main rounds (rounds 1 through 13): Each round applies SubBytes (byte substitution via the S-box), ShiftRows (cyclic shift of each row by its row index), MixColumns (multiplication of each column by a fixed matrix over GF(2^8)), and AddRoundKey.
- Final round (round 14): Identical to the main rounds but omits MixColumns, giving 14 rounds in total.
In practice, AES-256 is almost always used in an authenticated encryption mode. AES-256-GCM (Galois/Counter Mode) combines encryption with authentication, producing both ciphertext and an authentication tag that detects tampering with the ciphertext and with any associated data (headers, sequence numbers) bound into the tag. GCM mode is parallelizable, hardware-accelerated on modern CPUs via AES-NI and carry-less multiply instructions, and achieves throughput exceeding 10 Gbps on commodity hardware. Its one sharp edge is the nonce: a single (key, nonce) pair that is ever reused exposes the XOR of the two plaintexts and lets an attacker forge tags, so nonces must be unique per key, using a counter or, if random 96-bit nonces are used, well under 2^32 messages per key as NIST SP 800-38D requires.
Stealth Cloud Relevance
AES-256-GCM is the encryption primitive at the core of Stealth Cloud’s client-side encryption architecture. Every message sent through Ghost Chat is encrypted on the user’s device using the Web Crypto API before it leaves the browser. The encryption key is generated per session, never transmitted to the server, and destroyed via cryptographic shredding when the session ends.
The choice of AES-256-GCM is deliberate. GCM mode provides authenticated encryption, meaning Ghost Chat can detect whether a message has been tampered with in transit rather than only hiding its contents from an eavesdropper. Combined with ephemeral infrastructure (the Worker isolate that briefly holds the decrypted prompt in RAM is destroyed after each request), AES-256-GCM limits what a compromised edge node can reach to the data of a single request while it is being processed, and any modification of the ciphertext on the way there is rejected at decryption.
The Stealth Cloud Perspective
AES-256 is not a feature Stealth Cloud advertises. It is the foundation Stealth Cloud cannot exist without. The strength of the cipher determines the ceiling of every privacy guarantee above it—and 256 bits of key space is the only ceiling worth building under.