0% found this document useful (0 votes)
11 views15 pages

Block Cipher Modes of Operation

Uploaded by

uroojuphasan2003
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
11 views15 pages

Block Cipher Modes of Operation

Uploaded by

uroojuphasan2003
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 15

Electronic Codebook Book

(ECB)
message is broken into independent
blocks which are encrypted
each block is a value which is substituted,
like a codebook, hence name
each block is encoded independently of
the other blocks
Ci = DESK1(Pi)
uses: secure transmission of single values
Electronic Codebook Book
(ECB)
Advantages and Limitations of
ECB
message repetitions may show in
ciphertext
◦ if aligned with message block
◦ particularly with data such graphics
◦ or with messages that change very little,
which become a code-book analysis problem
weakness is due to the encrypted
message blocks being independent
main use is sending a few blocks of data
Cipher Block Chaining
(CBC)
message is broken into blocks
linked together in encryption operation
each previous cipher blocks is chained
with current plaintext block, hence
name
use Initial Vector (IV) to start process
Ci = DESK1(Pi XOR Ci-1)
C-1 = IV
uses:bulk data encryption,
authentication
Cipher Block Chaining
(CBC)
Message Padding
atend of message must handle a
possible last short block
◦ which is not as large as blocksize of cipher
◦ pad either with known non-data value (eg
nulls)
◦ or pad last block along with count of pad size
 eg. [ b1 b2 b3 0 0 0 0 5]
 means have 3 data bytes, then 5 bytes pad+count
◦ this may require an extra entire block over
those in message
thereare other, more esoteric modes,
which avoid the need for an extra block
Advantages and Limitations
of CBC
a ciphertext block depends on all
blocks before it
any change to a block affects all
following ciphertext blocks
need Initialization Vector (IV)
◦ which must be known to sender & receiver
◦ if sent in clear, attacker can change bits of first
block, and change IV to compensate
◦ hence IV must either be a fixed value (as in
EFTPOS)
◦ or must be sent encrypted in ECB mode before
rest of message
Cipher FeedBack (CFB)
message is treated as a stream of bits
added to the output of the block cipher
result is feed back for next stage (hence
name)
standard allows any number of bit (1,8, 64
or 128 etc) to be feed back
◦ denoted CFB-1, CFB-8, CFB-64, CFB-128 etc
most efficient to use all bits in block (64 or
128)
Ci = Pi XOR DESK1(Ci-1)
C-1 = IV
uses:stream data encryption,
authentication
Cipher FeedBack (CFB)
Advantages and Limitations
of CFB
appropriate when data arrives in
bits/bytes
most common stream mode
limitation is need to stall while do
block encryption after every n-bits
note that the block cipher is used
in encryption mode at both ends
errors propogate for several
blocks after the error
Output FeedBack (OFB)
message is treated as a stream of bits
output of cipher is added to message
output is then feed back (hence name)
feedback is independent of message
can be computed in advance
Ci = Pi XOR Oi
Oi = DESK1(Oi-1)
O-1 = IV
uses:stream encryption on noisy
channels
Advantages and Limitations
of OFB
bit errors do not propagate
more vulnerable to message stream
modification
a variation of a Vernam cipher
◦ hence must never reuse the same
sequence (key+IV)
sender & receiver must remain in sync
originally specified with m-bit feedback
subsequent research has shown that
only full block feedback (ie CFB-64
or CFB-128) should ever be used
Counter (CTR)
a “new” mode, though proposed
early on
similar to OFB but encrypts counter
value rather than any feedback value
must have a different key & counter
value for every plaintext block (never
reused)
Ci = Pi XOR Oi
Oi = DESK1(i)
uses: high-speed network encryptions
Counter (CTR)
Advantages and Limitations
of CTR
efficiency
◦ can do parallel encryptions in h/w or s/w
◦ can preprocess in advance of need
◦ good for bursty high speed links
random access to encrypted data
blocks
provable security (good as other
modes)
but must ensure never reuse
key/counter values, otherwise could
break (cf OFB)

You might also like