When a VPN promises “military-grade encryption,” the cipher it almost always means is AES-256. It’s the workhorse that keeps your traffic private as it crosses the open internet — the same standard used by banks, governments and messaging apps. But what do the numbers actually mean, and is the hype justified? Here’s the plain-English version.
What AES-256 actually is
AES stands for the Advanced Encryption Standard. It’s a symmetric cipher, which means the same secret key is used to both scramble (encrypt) and unscramble (decrypt) your data. The “256” refers to the length of that key: 256 bits.
AES was selected by the U.S. National Institute of Standards and Technology (NIST) in 2001 after a years-long public competition, and published as FIPS 197. It replaced the aging DES standard and quickly became the default cipher for securing everything from Wi-Fi to hard drives to VPN tunnels.
Technically, AES is a block cipher: it encrypts data in fixed 128-bit chunks, running each block through multiple rounds of substitution and shuffling. With a 256-bit key, it performs 14 rounds — each one thoroughly mixing the data so the output looks like random noise to anyone without the key.
Why the key length matters
The strength of AES comes down to how hard the key is to guess. A 256-bit key has 2^256 possible values. That number is almost impossible to picture, so here’s an analogy.
Imagine you had to find one specific grain of sand — but instead of searching a beach, you had to search a volume larger than the entire observable universe, packed solid with sand. Even that vastly understates it. There are roughly 2^256 combinations to try, which is more than the estimated number of atoms in the observable universe. No supercomputer, no cluster, and no realistic amount of time can brute-force that.
This is why security experts say attackers never bother attacking the AES math directly. They go after the weak links instead: a poorly chosen password, a bug in the software, or a device that’s already compromised. The cipher itself holds.
Why “military-grade” is accurate (for once)
Marketing loves the phrase “military-grade,” and it’s usually just noise. With AES-256, though, it’s literally true: the U.S. government approved AES for protecting classified information, including data classified up to TOP SECRET, when implemented correctly. The same cipher secures online banking, encrypted messengers and password managers.
So while “military-grade” is a marketing term, the underlying claim holds up. You’re using the exact cipher trusted by the people with the strongest incentives to keep secrets.
GCM: encryption and a tamper-proof seal
Veilock doesn’t just use AES-256 — it uses AES-256-GCM. The “GCM” part matters.
Older modes of AES (like CBC) only handle confidentiality: they scramble your data so it can’t be read, but they don’t tell you whether someone quietly altered it in transit. To catch tampering, you’d need to bolt on a separate integrity check.
GCM (Galois/Counter Mode) does both jobs at once. It’s an authenticated encryption mode, defined in NIST SP 800-38D, that encrypts your data and generates a cryptographic tag proving it wasn’t modified. Think of it as sealing a letter in an envelope and adding a wax seal that shatters if anyone opens it. If a single bit is flipped along the way, the receiving end rejects the packet.
GCM is also fast. Modern processors include dedicated AES-NI instructions that handle the heavy lifting in hardware, so encryption adds very little overhead. That’s why you can run AES-256-GCM on a laptop or phone and barely notice it.
How Veilock uses AES-256-GCM
Inside a VPN, encryption is only half the picture — you also need a secure way to agree on the key in the first place. Veilock handles this in two stages:
- The handshake. When you connect, your device and the Veilock server perform a key exchange, authenticating each other and generating a fresh, random AES key for the session. Because the key is negotiated per session and never reused, capturing one session tells an attacker nothing about the next.
- The transport. Once the key is set, every packet you send is wrapped in AES-256-GCM. Your ISP, the coffee-shop Wi-Fi, or anyone snooping the network sees only unreadable, tamper-evident ciphertext.
Different protocols pair with different ciphers — OpenVPN typically uses AES-256-GCM, while WireGuard uses the equally strong ChaCha20. Both are excellent; the choice mostly comes down to the protocol you’re running. Our VPN protocols explainer covers how they fit together.
Strong encryption also only counts if the provider isn’t undermining it elsewhere. A cipher can’t protect you if the VPN logs your activity, so Veilock pairs AES-256-GCM with a strict no-logs policy and leak-proof DNS-over-HTTPS resolution.
AES-256 vs ChaCha20: a quick note
You’ll sometimes see WireGuard-based connections use ChaCha20 instead of AES. This isn’t a downgrade. ChaCha20 is a modern stream cipher that’s just as secure as AES-256 and can actually be faster on devices without AES hardware acceleration (older phones, some routers). The rule of thumb: if your hardware has AES-NI, AES-256-GCM flies; if it doesn’t, ChaCha20 keeps things quick. Either way, your data is protected to the same standard.
The bottom line
AES-256 earns its reputation. A 256-bit key is beyond the reach of brute force, the cipher has survived decades of public scrutiny with no practical break, and in GCM mode it protects both the secrecy and the integrity of your traffic. When Veilock encrypts your connection with AES-256-GCM, it’s using the same proven standard that guards classified data and global banking — the difference between your traffic being private and being an open book. Pair it with a real no-logs policy, and encryption stops being a buzzword and starts being protection you can rely on.
AES-256-GCM vs older encryption approaches
| Feature | AES-256-GCM | AES-256-CBC | No encryption |
|---|---|---|---|
| Key length | 256-bit | 256-bit | None |
| Confidentiality | Strong | Strong | None |
| Built-in tamper detection | Yes (authenticated) | No (needs separate MAC) | No |
| Speed on modern hardware | Very fast (AES-NI) | Fast | N/A |
| Used by Veilock | Yes | Legacy only | Never |