The '''Advanced Encryption Standard''' is the U.S. National Institute of Standards and Technology proposed replacement for the [DES] cipher. See US FIPS PUB 197  [http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf]

AES is a block cipher once known as Rijndael which supports variable key and block sizes. As part of the NIST standardization the block size in AES is fixed at 128 bits and the permitted key sizes limited to 128, 192 or 256 bits. AES should be used in preference to DES in all new protocol designs.

A pure-Tcl implementation of AES is now included in [tcllib] and will be present in the 1.8 release.

----

[SLB] Using aes 1.0.0 in Tcl 8.5.0 on Windows, there are some quirks to be aware of:
   * Derypting an invalid string can cause the error 'integer value too large to represent'
   * If you decrypt using -in, the error is still reported even if you wrap a catch around the call, apparently due to use of fileevent in the implementation.
   * One source of invalid data is from encrypting a string whose length is not a multiple of 16 bytes. The documentation does tell you not to do this but if you forget, the encryption apparently succeeds yet fails in this obscure manner when decrypting.

Example:

 package require aes
 set key [string repeat - 16]
 set fullData {MalletData 9 q q q2 22}
 set encryptedData [aes::aes -dir encrypt -key $key $fullData]
 aes::aes -dir decrypt -key $key $encryptedData
 puts $errorInfo

 integer value too large to represent
    while executing
 "binary format I4 $data"
    (procedure "DecryptBlock" line 25)
    invoked from within
 "DecryptBlock $Key $block"
    (procedure "Decrypt" line 10)
    invoked from within
 "Decrypt $Key $data"
    (procedure "aes::aes" line 41)
    invoked from within
 "aes::aes -dir decrypt -key $key $encryptedData"

----
See also [des], [blowfish], [rc4]

[[[Category Cryptography] | [Category Package]]]