Cryptography and Network Security: Sixth Edition by William Stallings

This document discusses various block cipher modes of operation including electronic codebook mode, cipher block chaining mode, cipher feedback mode, output feedback mode, and counter mode. It also describes the use of triple DES with two or three keys, as well as the XTS-AES mode developed for encrypting data stored in block-oriented storage devices.

Cryptography and Network Security
Sixth Edition
by William Stallings
Chapter 6
Block Cipher Operation
“Many savages at the present day regard their
names as vital parts of themselves, and therefore
take great pains to conceal their real names, lest
these should give to evil-disposed persons a handle
by which to injure their owners.”
— The Golden Bough,
Sir James George Frazer
Double DES
Meet-in-the-Middle Attack
Triple-DES with Two-Keys
• Obvious counter to the meet-in-the-middle attack is to use three stages of encryption with three different keys
• This raises the cost of the meet-in-the-middle attack to 2^112, which is beyond what is practical
• Has the drawback of requiring a key length of 56 x 3 = 168 bits, which may be somewhat unwieldy
• As an alternative Tuchman proposed a triple encryption method that uses only two keys
• 3DES with two keys is a relatively popular alternative to DES and has been adopted for use in the key management standards ANSI X9.17 and ISO 8732
Multiple Encryption
Triple DES with Three Keys
• Many researchers now feel that three-key 3DES is the preferred alternative
• A number of Internet-based applications have adopted three-key 3DES including PGP and S/MIME
Modes of Operation
• A technique for enhancing the effect of a
cryptographic algorithm or adapting the algorithm
for an application
• To apply a block cipher in a variety of applications,
five modes of operation have been defined by NIST
• The five modes are intended to cover a wide variety
of applications of encryption for which a block
cipher could be used
• These modes are intended for use with any
symmetric block cipher, including triple DES and AES
Electronic Codebook Mode (ECB)
Criteria and properties for evaluating and constructing block cipher modes of operation that are superior to ECB:
• Overhead
• Error recovery
• Error propagation
• Diffusion
• Security
Cipher Block Chaining (CBC)
Cipher Feedback Mode

• For AES, DES, or any block cipher, encryption is performed on a block of b bits
• In the case of DES b = 64
• In the case of AES b = 128
s-bit Cipher Feedback (CFB) Mode
Output Feedback (OFB) Mode
Counter (CTR) Mode
Advantages of CTR
• Hardware efficiency
• Software efficiency
• Preprocessing
• Random access
• Provable security
• Simplicity
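
Three of the CTR advantages listed above (preprocessing, random access, simplicity) can be seen in a short sketch. This is an added example, not taken from the slides or the book: block_encrypt is HMAC-SHA256 truncated to b = 128 bits standing in for AES, and the nonce/counter layout, key and plaintext are constructed for illustration.

```python
import hashlib
import hmac

B = 16  # block size in bytes (b = 128 bits, the AES block size)

def block_encrypt(key: bytes, block: bytes) -> bytes:
    # Assumption: HMAC-SHA256 truncated to b bits stands in for E(K, .).
    # CTR only runs the cipher forwards, so no inverse is needed.
    return hmac.new(key, block, hashlib.sha256).digest()[:B]

def counter_block(nonce: bytes, i: int) -> bytes:
    # Assumed layout: 8-byte nonce || 8-byte big-endian block index.
    return nonce + i.to_bytes(8, "big")

def keystream(key: bytes, nonce: bytes, first_block: int, n_blocks: int) -> bytes:
    # Preprocessing: depends on key, nonce and position only, never on the data,
    # so it can be computed before the plaintext or ciphertext is available.
    return b"".join(block_encrypt(key, counter_block(nonce, first_block + j))
                    for j in range(n_blocks))

def ctr_xor(key: bytes, nonce: bytes, data: bytes, first_block: int = 0) -> bytes:
    # Simplicity: one routine both encrypts and decrypts; no padding is needed.
    n_blocks = -(-len(data) // B)  # ceiling division
    ks = keystream(key, nonce, first_block, n_blocks)
    return bytes(d ^ k for d, k in zip(data, ks))

def decrypt_block(key: bytes, nonce: bytes, ciphertext: bytes, i: int) -> bytes:
    # Random access: block i is recovered without processing blocks 0..i-1.
    return ctr_xor(key, nonce, ciphertext[i * B:(i + 1) * B], first_block=i)

def demo():
    key = bytes(range(32))          # constructed sample key
    nonce = b"\x00" * 7 + b"\x01"   # constructed; a nonce must not repeat under one key
    plaintext = b"".join(b"block%d plaintext" % i for i in range(4)) + b"tail"
    ciphertext = ctr_xor(key, nonce, plaintext)
    return plaintext, ciphertext, decrypt_block(key, nonce, ciphertext, 2)

if __name__ == "__main__":
    pt, ct, block2 = demo()
    print(len(pt), len(ct), block2)
```
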
Feedback Characteristics of Modes of Operation
XTS-AES Mode for Block-Oriented
Storage Devices
• Approved as an additional block cipher mode
of operation by NIST in 2010
• Mode is also an IEEE Standard, IEEE Std 1619-2007
• Standard describes a method of encryption for
data stored in sector-based devices where the
threat model includes possible access to stored
data by the adversary
• Has received widespread industry support
Tweakable Block Ciphers
• XTS-AES mode is based on the concept of a tweakable block
cipher
• General structure:
• Has three inputs:

• Produces a ciphertext output C
• Tweak need not be kept secret
• Purpose is to provide variability
Tweakable Block Cipher
XTS-AES Operation on Single Block
XTS-AES Mode
Summary
• Multiple encryption and triple DES
  • Double DES
  • Triple DES with two keys
  • Triple DES with three keys
• Electronic code book
• Cipher block chaining mode
• Cipher feedback mode
• Output feedback mode
• Counter mode
• XTS-AES mode for block-oriented storage devices
  • Storage encryption requirements
  • Operation on a single block
  • Operation on a sector
