Block Mode Ciphers
This work is licensed with a
Creative Commons Attribution 4.0 International LicenseEndFragment
1/12
Next
Block Mode Ciphers
Back
Restart
Next
A secret cryptographic key, a long string of bits that matches the requirements of the cipher, gets generated.
click to continue
Ciphertext
64 bits
C3
C2
Plaintext Data
C4
Blocks are encrypted in parallel
Data is broken into 64-bit blocks
Block ciphers are a fundamental class of cryptographic algorithms used to secure data in various applications. They operate on fixed-sized blocks of data and transform the blocks into encrypted output using a cryptographic key. There are five popular block cipher modes, each offering unique properties and applications.
2/12
How do Block mode ciphers work?
C1
5/12
Cipher block chaining (CBC) mode addresses the issue of identical plaintext blocks producing the same ciphertext blocks by introducing feedback. Each plaintext block is XORed with the previous ciphertext block before encryption which creates a chain-like structure. An Initialization Vector (IV), an upredictable value which is equal to the cipher’s block size, is used as to inititate the chaining process with the first block.
Cipher Block Chaining Mode (CBC)
click here to decrypt
Electronic Codebook Mode (ECB) is the simplest block cipher mode. Each block of plaintext is independently encrypted using the same key. Its name originated because physical code books provided the key. This mode lacks diffusion, though, which means that identical plaintest blocks produce identical ciphertext blocks.
Electronic Codebook Mode (ECB)
P3
P1
Plaintext
page 28, word 57
P4
submarine
The key is generated (like picking a specific word from a specific page of a code book).
3/12
Data is broken into blocks
P2
All blocks use the same key
XOR
Output
Advantages: 1) the chaining mechanism introduces diffusion, making it harder to detect patterns in the data; 2) errors in the ciphertext block affect only two blocks, limiting error propagation.
Disadvantages: 1) encryption of blocks is sequential rather that in parallel; 2) if there is data that is not an exact multiple of the block size, padding is required to fill the block.
The resulting XOR output is encrypted, and the ciphertext becomes the input that will be XORed with the next plaintext block (P2).
+
click here to continue
6/12
IV gets XORed with plaintext block (P1)
IV
4/12
Cipher Feedback Mode (CFB)
The ciphetext is the IV for the next block
Click here to continue
Ciphertext
10/12
Cipher Feedback Mode (CFB) converts a block cipher into a self-synchronizing stream cipher. It encrypts the previous ciphertext block and XORs the result with the plaintext to produce the ciphertext. This mode allows smaller units of encryption, making it suitable for applications with data of varying lengths.
IV derived from ciphertext block 1
IV derived from ciphertext block 2
IV derived from ciphertext block 3
The encrypted IV gets used as the IV for the next block
Click here to continue
Output Feedback Mode (OFB)
12/12
Output Feedback Mode (OFB) turns a block cipher into a synchronous stream cipher by generating a keystream independently of the plaintext. The keystream results by encrypting an IV with the block cipher and then XORing it with the plaintext to produce the ciphertext.
00000
00001
Nonce
00002
Counter Mode Cipher (CTR)
00003
Click here to XOR the encrypted block cipher with the plaintext block
8/12
Counter Mode turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a counter. CTR combines a random IV (or nonce) with the counter to produce a unique counter block for encryption.
Counter
Block
Click here to combine the random IV/nonce with the counter using concatenation, addition, or XOR to generate the counter block.
click here to encrypt the counter block
7/12
9/12
11/12