Block Mode Ciphers

This work is licensed with a
Creative Commons Attribution 4.0 International LicenseEndFragment

1/12

Next

Block Mode Ciphers

Back

Restart

Next

A secret cryptographic key, a long string of bits that matches the requirements of the cipher, gets generated.

click to continue

Ciphertext

64 bits

C3

C2

Plaintext Data

C4

Blocks are encrypted in parallel

Data is broken into 64-bit blocks

Block ciphers are a fundamental class of cryptographic algorithms used to secure data in various applications. They operate on fixed-sized blocks of data and transform the blocks into encrypted output using a cryptographic key. There are five popular block cipher modes, each offering unique properties and applications.

2/12

How do Block mode ciphers work?

C1

5/12

Cipher block chaining (CBC) mode addresses the issue of identical plaintext blocks producing the same ciphertext blocks by introducing feedback. Each plaintext block is XORed with the previous ciphertext block before encryption which creates a chain-like structure. An Initialization Vector (IV), an upredictable value which is equal to the cipher’s block size, is used as to inititate the chaining process with the first block.

Cipher Block Chaining Mode (CBC)

click here to decrypt

Electronic Codebook Mode (ECB) is the simplest block cipher mode. Each block of plaintext is independently encrypted using the same key. Its name originated because physical code books provided the key. This mode lacks diffusion, though, which means that identical plaintest blocks produce identical ciphertext blocks.

Electronic Codebook Mode (ECB)

P3

P1

Plaintext

page 28, word 57

P4

submarine

The key is generated (like picking a specific word from a specific page of a code book).

3/12

Data is broken into blocks

P2

All blocks use the same key

XOR
Output

Advantages: 1) the chaining mechanism introduces diffusion, making it harder to detect patterns in the data; 2) errors in the ciphertext block affect only two blocks, limiting error propagation.
Disadvantages: 1) encryption of blocks is sequential rather that in parallel; 2) if there is data that is not an exact multiple of the block size, padding is required to fill the block.

The resulting XOR output is encrypted, and the ciphertext becomes the input that will be XORed with the next plaintext block (P2).

+

click here to continue

6/12

IV gets XORed with plaintext block (P1)

IV

4/12

Cipher Feedback Mode (CFB)

The ciphetext is the IV for the next block
Click here to continue

Ciphertext

10/12

Cipher Feedback Mode (CFB) converts a block cipher into a self-synchronizing stream cipher. It encrypts the previous ciphertext block and XORs the result with the plaintext to produce the ciphertext. This mode allows smaller units of encryption, making it suitable for applications with data of varying lengths.

IV derived from ciphertext block 1

IV derived from ciphertext block 2

IV derived from ciphertext block 3

The encrypted IV gets used as the IV for the next block
Click here to continue

Output Feedback Mode (OFB)

12/12

Output Feedback Mode (OFB) turns a block cipher into a synchronous stream cipher by generating a keystream independently of the plaintext. The keystream results by encrypting an IV with the block cipher and then XORing it with the plaintext to produce the ciphertext.

00000

00001

Nonce

00002

Counter Mode Cipher (CTR)

00003

Click here to XOR the encrypted block cipher with the plaintext block

8/12

Counter Mode turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a counter. CTR combines a random IV (or nonce) with the counter to produce a unique counter block for encryption.

Counter
Block

Click here to combine the random IV/nonce with the counter using concatenation, addition, or XOR to generate the counter block.

click here to encrypt the counter block

7/12

9/12

11/12