ID NO: VU4F2324142 EXP NO:5 Security Lab

Aim:-Study of encryption of long messages using various modes of operation

using DES.

Theory:-

1. Introduction

DES (Data Encryption Standard) is a symmetric-key block cipher introduced by IBM in

the 1970s and adopted as a U.S. federal standard. It operates on 64-bit blocks of plaintext
and produces 64-bit ciphertext blocks, using a 56-bit secret key (the remaining 8 bits are
parity bits).

Since most real-world messages are longer than 64 bits, we need a strategy to encrypt
them securely. This is done by combining DES with modes of operation, which specify
how blocks are linked during encryption and decryption.

Modes are designed to:

1. Avoid patterns in ciphertext.
2. Allow encryption of arbitrary-length messages.
3. Provide error handling and synchronization.
4. Enable parallelism where possible.

2. Modes of Operation in DES

2.1 Electronic Codebook (ECB) Mode
How it works:
Each plaintext block of 64 bits is encrypted independently.
Equation: C_i = E_K(P_i), P_i = D_K(C_i)

Advantages:
- Very simple and fast.
- Allows parallel encryption/decryption of blocks.

Disadvantages:
TE-IT-B VPPCOE-VA PAGE-NO-1
ID NO: VU4F2324142 EXP NO:5 Security Lab

- Identical plaintext blocks give identical ciphertexts (patterns leak).

- Not secure for images, structured files, or large messages.

Use case: Encrypting random keys, small independent blocks

2.2 Cipher Block Chaining (CBC) Mode

How it works:
Each plaintext block is XORed with the previous ciphertext before encryption. The first

Equation: C_i = E_K(P_i ⊕ C_{i-1}), C_0 = IV

block uses an Initialization Vector (IV).

Decryption: P_i = D_K(C_i) ⊕ C_{i-1}

Advantages:
- Eliminates patterns → much stronger security.
- The same message produces different ciphertexts with different IVs.

Disadvantages:
- Encryption must be sequential (no parallelism).
- A single-bit error in ciphertext affects two blocks (current + next).

Use case: File encryption, financial transactions.

2.3 Cipher Block Chaining (CBC) Mode

How it works:
Each plaintext block is XORed with the previous ciphertext before encryption. The first

Equation: C_i = E_K(P_i ⊕ C_{i-1}), C_0 = IV

block uses an Initialization Vector (IV).

Decryption: P_i = D_K(C_i) ⊕ C_{i-1}

Advantages:
- Eliminates patterns → much stronger security.
- The same message produces different ciphertexts with different IVs.

Disadvantages:
- Encryption must be sequential (no parallelism).

TE-IT-B VPPCOE-VA PAGE-NO-2

ID NO: VU4F2324142 EXP NO:5 Security Lab

- A single-bit error in ciphertext affects two blocks (current +

next). Use case: File encryption, financial transactions.

2.4 Cipher Block Chaining (CBC) Mode

How it works:
Each plaintext block is XORed with the previous ciphertext before encryption. The first

Equation: C_i = E_K(P_i ⊕ C_{i-1}), C_0 = IV

block uses an Initialization Vector (IV).

Decryption: P_i = D_K(C_i) ⊕ C_{i-1}

Advantages:
- Eliminates patterns → much stronger security.
- The same message produces different ciphertexts with different IVs.

Disadvantages:
- Encryption must be sequential (no parallelism).
- A single-bit error in ciphertext affects two blocks (current + next).

Use case: File encryption, financial transactions.

2.5 Cipher Block Chaining (CBC) Mode

How it works:
Each plaintext block is XORed with the previous ciphertext before encryption. The first

Equation: C_i = E_K(P_i ⊕ C_{i-1}), C_0 = IV

block uses an Initialization Vector (IV).

Decryption: P_i = D_K(C_i) ⊕ C_{i-1}

Advantages:
- Eliminates patterns → much stronger security.
- The same message produces different ciphertexts with different IVs.

Disadvantages:
- Encryption must be sequential (no parallelism).

TE-IT-B VPPCOE-VA PAGE-NO-3

ID NO: VU4F2324142 EXP NO:5 Security Lab

- A single-bit error in ciphertext affects two blocks (current + next).

Use case: File encryption, financial transactions.

TE-IT-B VPPCOE-VA PAGE-NO-4

ID NO: VU4F2324142 EXP NO:5 Security Lab

2.6 Cipher Block Chaining (CBC) Mode

How it works:
Each plaintext block is XORed with the previous ciphertext before encryption. The first
block uses an Initialization Vector (IV).
Equation: C_i = E_K(P_i ⊕ C_{i-1}), C_0 = IV
Decryption: P_i = D_K(C_i) ⊕ C_{i-1}

Advantages:
- Eliminates patterns → much stronger security.
- The same message produces different ciphertexts with different IVs.

Disadvantages:
- Encryption must be sequential (no parallelism).
- A single-bit error in ciphertext affects two blocks (current + next).

Use case: File encryption, financial transactions.

2.7 Cipher Feedback (CFB) Mode

How it works:
Turns DES into a self-synchronizing stream cipher. Instead of encrypting plaintext
directly, the previous ciphertext is encrypted, and the output is XORed with plaintext.
Equation: C_i = P_i ⊕ E_K(C_{i-1}), C_0 = IV
Decryption: P_i = C_i ⊕ E_K(C_{i-1})

Advantages:
- Can work in smaller units (e.g., 8-bit or 1-bit).
- Doesn’t require message padding.

Disadvantages:
- Sequential operation (no parallelism).
- Transmission errors affect multiple subsequent blocks.

Use case: Secure communication channels, where data arrives in streams.

TE-IT-B VPPCOE-VA PAGE-NO-5

ID NO: VU4F2324142 EXP NO:5 Security Lab

2.8 Output Feedback (OFB) Mode

How it works:
Similar to CFB, but instead of using ciphertext in the feedback loop, it uses the previous
output of the encryption function.
Equation: O_i = E_K(O_{i-1}), O_0 = IV
C_i = P_i ⊕ O_i
Decryption: P_i = C_i ⊕ O_i

Advantages:
- Bit errors in ciphertext affect only one block.
- Can precompute the keystream in advance (parallelization possible).
- No need for padding (works like a stream cipher).

Disadvantages:
- If IV is reused, keystream repeats → vulnerable.

Use case: Satellite communication, wireless networks.

2.9 Counter (CTR) Mode

How it works:
Uses a counter value that increments for each block. The counter is encrypted, and its
output is XORed with the plaintext.
Equation: C_i = P_i ⊕ E_K(CTR+i)
Decryption: P_i = C_i ⊕ E_K(CTR+i)

Advantages:
- Highly parallelizable (both encryption & decryption).
- Errors affect only one block.
- Precomputation possible.

Disadvantages:
- Counter reuse compromises security.

Use case: High-performance systems, secure protocols.

TE-IT-B VPPCOE-VA PAGE-NO-6

ID NO: VU4F2324142 EXP NO:5 Security Lab

3. Comparison of Modes

Mode Security Parallelization Error Effect Use Cases

ECB Weak Yes None Small/random

(patterns blocks, keys
visible)
CBC Strong No (sequential) 2 blocks File
(no affected encryption,
patterns) banking
CFB Medium No Multiple Streaming,
blocks comms
affected
OFB Medium Yes (keystream Single Wireles
precomputatio block s,
n) affected satellite
CTR Strongest Yes Single High-speed
block encryption
affected

Conclusion:

DES, by itself, can only encrypt 64-bit blocks, which is insufficient for long messages.
Modes of operation extend DES to work with large data securely.

- ECB is insecure for long messages (patterns leak).

- CBC is secure but sequential.
- CFB & OFB allow streaming encryption.
- CTR is the most efficient and parallelizable.

TE-IT-B VPPCOE-VA PAGE-NO-7