Protectstar Technology

Not standard.
Better.

We didn't just use AES — we redesigned it. With 512-bit blocks, 24 rounds, and a publicly documented algorithm.

Built for a world where standard is no longer enough.

Open algorithm

Independently verifiable

At a glance

Four numbers.
One fundamental difference.

What sets Protectstar Extended AES apart from standard AES can be reduced to four key metrics — each with a direct impact on your security.

512

Block size (bits)

4× standard AES

Encryption rounds

AES-256: 14 rounds

Key lengths

128, 256 & 512 bits

CTR

Default mode

+ CBC, CFB, OFB, ECB

Standard vs. Extended

What we do differently.

Standard AES is excellent. Our Extended AES builds on that foundation — and takes several fundamental steps further.

Standard AES

Block size 128 bits

Matrix 4 × 4

Rounds AES-128 / AES-256 10 / 14

Max. key size 256 bits

Full diffusion after 2 rounds

Protectstar Extended AES Our technology

Block size 512 bits

Matrix 4 × 16

Total rounds 24

Max. key size 512 bits

Full diffusion after 4 rounds *

* Optimized ShiftRow offsets {0,1,4,5} reduce the rounds needed for full diffusion in the 512-bit variant from 5 to 4. Standard AES achieves full diffusion after 2 rounds in its smaller 4×4 matrix.

Standard AES

4 × 4 · 128 Bit

→

Protectstar Extended AES

4 × 16 · 512 Bit

Each cell is one byte. A larger matrix means more data per encryption block — and significantly more complexity for any attack.

Round architecture

More rounds.
More protection.

Each round refines and obfuscates. The 512-bit matrix demands more passes — and we provide them, because security leaves no room for compromise.

AES-128: 10 rounds

AES-256: 14 rounds

Protectstar Extended AES: 24 rounds

Why it matters

Security you can
feel.

Technology nobody understands helps nobody. Here's what Extended AES really means.

Future-proof

512-bit keys are designed to withstand future attacks too — including threats that do not even exist yet.

Optimized diffusion

Adjusted ShiftRow offsets {0,1,4,5} reduce the rounds needed for full diffusion in the 512-bit variant from 5 to 4 — a measurable improvement over naive scaling.

Open & verifiable

No security through obscurity. We publish the complete algorithm and source code for independent review and verification.

Technical documentation

Complete algorithm specification

Padding, key expansion, modes of operation, source code reference

▼

1. Motivation

Standard AES uses a 4×4 matrix (128 bits). Extended AES uses a 4×16 matrix (512 bits) and retains AddRoundKey, MixColumn, and S-box substitution unchanged, while specifically extending the ShiftRow offsets, the number of rounds, and the key expansion.

2. Modes of operation

ECB, CBC, CFB, OFB, and CTR are fully implemented. The default mode is CTR.

3. Total number of rounds

Number of rounds = (key size or block size in words) + 6. For a 512-bit block: 16 words → 22 rounds, plus 2 additional rounds due to the extended ShiftRow operation = 24 rounds total.

4. Padding

Message padding follows RFC 1321 to multiples of 512 bits. Key padding: shorter passwords are padded with zeros and then encrypted using standard AES in CBC mode to avoid round keys with many zero bytes.

5. Round key generation

Modified KeyExpansion process (Rijndael Spec, p. 15):

KeyExpansion(byte Key[4*Nk], word W[Nb*(Nr+1)]) { for(i = 0; i < Nk; i++) W[i] = (key[4*i], key[4*i+1], key[4*i+2], key[4*i+3]); for(i = Nk; i < Nb * (Nr + 1); i++) { temp = W[i - 1]; if (i % Nk == 0 || (i % Nk == 4 && Nk > 6)) temp = SubByte(RotByte(temp)) ^ Rcon[i / Nk]; else if ((i % Nk == 8 || i % Nk == 12) && Nk > 6) temp = SubByte(temp); W[i] = W[i - Nk] ^ temp; } }

6. ShiftRow

Standard offsets {0,1,2,3} would not achieve full diffusion in Extended AES until after 5 rounds. Optimized offsets {0,1,4,5} achieve full diffusion after just 4 rounds. Source code: com.crypt.test.OptimumShiftRow.java

References

AES: wikipedia.org/wiki/Advanced_Encryption_Standard · Block Cipher Modes: wikipedia.org/wiki/Block_cipher_modes_of_operation · PKCS #5 v2.1: RSA Laboratories, October 2006

View source code

Not standard.Better.

Four numbers.One fundamental difference.