AES256 Encryption & Decryption in Android

First of all,let’s start with what AES is…

AES,Advanced Encryption Standart is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.

AES was created by the NIST and became an effective federal government standart in 2002,after being in development for five years. Development of AES began in 1997 when it became clear its predecessor, the Data Encryption Standard (DES), was no longer cut out for the job.

Advanced Encryption Standard is built from three block ciphers: AES-128, AES-192, and AES-256. Each of these encrypts and decrypts data in chunks of 128 bits by using cryptographic keys of 128-, 192- or 256-bits. All symmetric encryption ciphers use the same key for encrypting and decrypting data, which means the sender and the receiver must both have the same key. Each key length is viewed as sufficient to protect the data. 128-bit keys have 10 rounds, 192-bit keys have 12, and finally 14 rounds for 256-bit keys. What are rounds? They correspond to multiple processing steps, which include permutation and substitution of the encrypted text, which transforms it into its encrypted form.

The first step in the AES encryption process is substituting the information using a substitution table; the second transmutation changes data rows and the third shifts columns. The last transformation is a basic exclusive XOR process done on each column using a different part of the encryption key. The longer the encryption key, the more rounds are needed.

Now that we’ve learned a bit about AES,we can start coding…

First step of the code is generating a random Secretkey. I’ve used KeyGenerator library to generate the Secretkey.

KeyGenerator keyGenerator;
SecretKey secretKey;
keyGenerator = KeyGenerator.getInstance("AES");
secretKey = keyGenerator.generateKey();

Here,when defining the secret key, we prevented the algorithm from being taken as a parameter with getInstance method and initialized the KeyGenerator by setting keysize 256.

Secondly, I’ve used IV,Initialization Vector in my code.This is optional in AES Encryption but better to use.

byte[] IV = new byte[16];
SecureRandom random;
random = new SecureRandom();

After defining two important parameter, step forward to coding functions.

Encrypt function

public static byte[] encrypt(byte[] plaintext, SecretKey key, byte[] IV) throws Exception
Cipher cipher = Cipher.getInstance("AES");
SecretKeySpec keySpec = new SecretKeySpec(key.getEncoded(), "AES");
IvParameterSpec ivSpec = new IvParameterSpec(IV);
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);
byte[] cipherText = cipher.doFinal(plaintext);
return cipherText;

Decrypt function

public static String decrypt(byte[] cipherText, SecretKey key, byte[] IV)
try {
Cipher cipher = Cipher.getInstance("AES");
SecretKeySpec keySpec = new SecretKeySpec(key.getEncoded(), "AES");
IvParameterSpec ivSpec = new IvParameterSpec(IV);
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
byte[] decryptedText = cipher.doFinal(cipherText);
return new String(decryptedText);
} catch (Exception e) {
return null;

Examples of application

Encryption Example
Decryption Example

You can find the source code of the app here :

I’ve tried to explain AES as much as I can, stay awesome! see you in next article!



Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store