IoT Worker

IoT Infrastructure Developer

Embedded and IoT Development

A technical blog sharing project insights, practical tools, and industry best practices.

Topics

  • Tools: Curated IoT/embedded development toolchains.
  • Practices: Hardware selection, protocol implementation, and system design.
  • Solutions: Ready-to-use IoT architectures for real-world problems.
  • Lessons: Optimizations and takeaways from projects.

About

Years of IoT experience—view my background.

Latest Posts

What AES Modes Are Actually Solving

Security reviews often contain a sentence like this: “the data is encrypted with AES.”

That is not enough. AES is a block cipher. It defines how a key transforms one 16-byte block into another 16-byte block. Real messages are often longer than 16 bytes and may contain repeated fields, protocol headers, lengths, and padding, and may span multiple packets.

So the practical question is not only “is it AES?” The real questions are:

  • which mode is used
  • where the IV or nonce comes from
  • how non-16-byte-aligned lengths are handled
  • whether ciphertext tampering is detected
  • whether decryption errors leak information
  • whether a counter or nonce can repeat under the same key

The most useful first model is: AES is the basic block transformation. The mode of operation turns it into an encryption scheme for real messages. The mode decides whether repeated blocks leak, whether padding is needed, what IV/nonce rules apply, whether authentication exists, and whether error handling becomes an attack surface.
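The effect of the mode choice, as an added example that is not from the original post: one AES key applied to three identical 16-byte records in ECB, CTR and GCM. The key, the record contents, the all-zero IV/nonce and every function name are constructed for illustration; a real system needs a unique IV/nonce per message under a given key.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// ecbEncrypt runs raw AES on each 16-byte block independently: "encrypted with AES" and nothing more.
func ecbEncrypt(blk cipher.Block, pt []byte) []byte {
	ct := make([]byte, len(pt))
	for i := 0; i+16 <= len(pt); i += 16 {
		blk.Encrypt(ct[i:i+16], pt[i:i+16])
	}
	return ct
}

// ctrXor encrypts or decrypts with AES-CTR; iv is the initial counter block and must not repeat per key.
func ctrXor(blk cipher.Block, iv, in []byte) []byte {
	out := make([]byte, len(in))
	cipher.NewCTR(blk, iv).XORKeyStream(out, in)
	return out
}

// gcmRejectsTamper seals pt with AES-GCM, flips one ciphertext bit, and reports whether Open fails.
func gcmRejectsTamper(blk cipher.Block, nonce, pt []byte) bool {
	gcm, _ := cipher.NewGCM(blk) // error ignored: AES always has the 16-byte block GCM needs
	ct := gcm.Seal(nil, nonce, pt, nil)
	ct[0] ^= 0x01
	_, err := gcm.Open(nil, nonce, ct, nil)
	return err != nil
}

// hasRepeatedBlock reports whether any two 16-byte ciphertext blocks are identical.
func hasRepeatedBlock(ct []byte) bool {
	seen := map[string]bool{}
	for i := 0; i+16 <= len(ct); i += 16 {
		seen[string(ct[i:i+16])] = true
	}
	return len(seen) < len(ct)/16
}

func main() {
	blk, _ := aes.NewCipher([]byte("0123456789abcdef")) // constructed 16-byte demo key
	msg := bytes.Repeat([]byte("TEMP=21.5;ID=07;"), 3)  // constructed: three identical records
	fmt.Println("ECB repeats blocks:", hasRepeatedBlock(ecbEncrypt(blk, msg)))
	fmt.Println("CTR repeats blocks:", hasRepeatedBlock(ctrXor(blk, make([]byte, 16), msg)))
	fmt.Println("GCM rejects tampering:", gcmRejectsTamper(blk, make([]byte, 12), msg))
}
```

CTR hides the repetition but carries no authentication: flipping a ciphertext bit flips the same plaintext bit on decryption without any error, which is the gap GCM's tag closes.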

What Secure Boot and OTA Firmware Signatures Actually Protect

Device security discussions often include: “The firmware is signed, so it is secure.”

That is only partly true. A firmware signature proves that the firmware was authorized by a trusted private key and was not modified. It does not automatically answer whether the firmware is encrypted, whether old versions can be rolled back, whether every boot stage verifies the next stage, how signing keys are protected, or whether the device can recover after update failure.