Back to homepage

AES256 1.6

I. Overview

The AES256 package is a C++ implementation of the AES-256 encryption/decryption method (i.e., the version of AES that uses a 32 byte/256 bit key), supporting a number of block chaining and padding modes. Currently supported block chaining modes are:

Suported padding methods are:

It consists of a set of files ready for integration into other programs (though, with a few minor modifications it could also be compiled into a library). For encryption or decryption a class is instantiated (optionally setting the chaining and padding mode), which has methods to encrypt/decrypt either C++ strings or streams.

The implementation is written in (hopefully) portable C++ and should work without dependencies on the underlying hardware or operating system.

II. Warnings

While I implemented the AES-256 algorithms as far as my abilities and understanding allowed me I'm not claiming that it's error-free. Thus if you intend to use it, especially for cryptographic applications, you definitely MUST review and test the code carefully yourself! (You get what you paid for;-)

Please let me repeat this: I am NOT a professional cryptographer but a mere amateur in this field. I can't give any guarantees that the code behaves as it should. And the code hasn't been vetted by any real experts as far as I am aware.

III. Acknowledgments

An important part, the code for encrypting and decrypting single, 16 byte wide blocks with AES-256, is based on a C implementation by Ilya O. Levin, with contributions by Hal Finney, which can be downloaded from

http://www.literatecode.com/aes256

This part is mostly a conversion from C to C++ with a few modifications. But note that the original authors are in no way responsible for the results of my dabbling with their code!

IV. Known Limitations

On systems where the char type has more than 8 bits (i.e. CHAR_BIT as defined in <climits> is larger than 8) the code won't compile.

This implementation isn't optimized for speed. Instead the code is (hopefully) relatively easy to read and modify.

Not too much testing has been done yet. At least the NIST supplied test data for KAT/MMT/MCT, which can be downloaded from

http://csrc.nist.gov/groups/STM/cavp/#01,

could be encrypted/decrypted successfully.

No attempts have been made to address potential security issues like side-channel attacks.

V. Download

Probably the most convenient way to download the sources is via git. If you have git just type

git clone http://users.physik.fu-berlin.de/~jtt/AES256/AES256.git

In the future you then can easily update to the newest version with just the command git pull.

But the package can also be downloaded as a tarball from here (total size is about 32 kB):

http://users.physik.fu-berlin.de/~jtt/AES256/AES256-1.6.tar.gz (md5sum: cb08eb99dd8e7c9f23dfe26ad4ad3c17)

The package contains the documentation. See the README.txt file for the details and Intro.txt for some basics of AES encryption (as far as my understanding goes;-)

VI. Concluding Remarks

The code is released under the GNU General Public License (GPL), version 3, for most parts. The exception is the basic AES-256 code for encrypting and decrypting single 16 byte wide blocks of data. Since it is derived work it is licensed under the same conditions as the original code.

If you find bugs or implement improvements please don't hesitate to contact me.

Back to homepage


Last modified: March 12, 2017 Valid XHTML 1.0 Strict Valid CSS!