
Understanding Modes of Operation

The document summarizes 5 modes of operation for symmetric-key encryption using block ciphers like DES and AES: 1) Electronic Code Book (ECB) mode encrypts each block independently using the same key. It does not hide data patterns but has no error propagation. 2) Cipher Block Chaining (CBC) mode XORs each plaintext block with the previous ciphertext block before encryption. It hides data patterns and prevents known plaintext attacks but has error propagation. 3) Cipher Feedback (CFB) mode encrypts a shift register and uses portions of the output to encrypt plaintext blocks smaller than the block size. It prevents data pattern detection and has no padding but is less efficient than CBC or ECB.

Uploaded by

Ayush Jain

Modes of Operation

Introduction
• Symmetric-key encipherment can be done using modern block ciphers. Two modern block ciphers, DES and AES, are designed to encipher and decipher a block of text of fixed size.

• Block size: DES – 64 bits; AES – 128 bits.

• In real-life applications, the text to be enciphered is of variable size and normally much larger than 64
or 128 bits.

• Modes of operation have been devised to encipher text of any size employing either DES or AES.

1. Electronic Code Book
• Simplest mode of operation
• The plaintext is divided into N blocks. The block size is n bits.
• If the plaintext size is not a multiple of the block size, the text is padded to make the last block the same size
as the other blocks.
• The same key is used to encrypt and decrypt each block.

Security Issues – ECB
• Patterns at the block level are preserved. For example, equal blocks in the plaintext become equal blocks in the ciphertext.

• The block independence creates opportunities for Eve to exchange some ciphertext blocks without knowing the key.

Error Propagation
A single-bit error in transmission can create errors in several bits (normally half of the bits or all of the bits) of the corresponding block. However, the error does not have any effect on the other blocks.

2. Cipher Block Chaining (CBC) Mode

• In CBC mode, each plaintext block is exclusive-ORed with the previous ciphertext block before being encrypted.

• When a block is enciphered, the block is sent, but a copy of it is kept in memory to be used in the encryption
of the next block.

• There is no ciphertext block before the first block. In this case, a phony block called the initialization vector
(IV) is used.

• The sender and receiver agree upon a specific predetermined IV.


Security Issues – CBC
In CBC mode, equal plaintext blocks belonging to the same message are enciphered into different ciphertext blocks. However, if two messages are equal, their encipherment is the same if they use the same IV.

Eve can add some ciphertext blocks to the end of the ciphertext stream.

Error propagation
In CBC mode, a single-bit error in ciphertext block Cj during transmission may create errors in most bits of plaintext block Pj during decryption.
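The ECB and CBC properties listed above can be checked directly. The following is an added example, not part of the original slides: it assumes a toy 4-round Feistel cipher built from SHA-256 as a stand-in for DES/AES, a constructed key, IV and plaintext, and a plaintext that is already a multiple of the block size, so padding is omitted. It also shows one detail beyond the slide: a flipped bit in Cj toggles the same bit in the next CBC plaintext block as well.

```python
import hashlib

BLOCK = 8  # bytes: 64-bit blocks, as with DES

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def f(key, rnd, half):
    # Round function of a toy 4-round Feistel cipher, a stand-in for DES/AES.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def enc_block(key, blk):
    l, r = blk[:4], blk[4:]
    for rnd in range(4):
        l, r = r, xor(l, f(key, rnd, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:4], blk[4:]
    for rnd in reversed(range(4)):
        l, r = xor(r, f(key, rnd, l)), l
    return l + r

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def encrypt(key, pt, iv=None):
    # iv=None selects ECB; otherwise CBC, chained from the IV.
    out, prev = [], iv
    for p in split(pt):
        prev = enc_block(key, p if iv is None else xor(p, prev))
        out.append(prev)
    return b"".join(out)

def decrypt(key, ct, iv=None):
    cs = split(ct)
    ps = [dec_block(key, c) for c in cs]
    return b"".join(ps if iv is None else map(xor, ps, [iv] + cs))

def damaged_blocks(key, pt, iv=None, j=1):
    # Flip one bit of ciphertext block j; list the plaintext blocks that change.
    ct = bytearray(encrypt(key, pt, iv))
    ct[j * BLOCK] ^= 0x01
    got = decrypt(key, bytes(ct), iv)
    return [i for i, (a, b) in enumerate(zip(split(pt), split(got))) if a != b]

# Constructed sample values: four full blocks, the first two identical.
KEY, IV = b"constructed-demo-key", b"\x01" * BLOCK
PT = b"SAMEBLK!SAMEBLK!block #3block #4"
```

Calling `encrypt(KEY, PT)` gives two identical leading ciphertext blocks, while `encrypt(KEY, PT, IV)` does not; `damaged_blocks(KEY, PT)` and `damaged_blocks(KEY, PT, IV)` list which plaintext blocks a single flipped ciphertext bit reaches in each mode.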
3. Cipher Feedback Mode

• ECB and CBC modes encrypt and decrypt blocks of the message.

• In some situations, we need to use DES or AES as secure ciphers, but with smaller plaintext or ciphertext block sizes.

• The solution is to use DES or AES in cipher feedback (CFB) mode. In this mode the size of the block used in DES or AES is n, but the size of the plaintext or ciphertext block is r, where r < n.

Idea: To use DES or AES, not for encrypting the plaintext or decrypting the ciphertext, but to encrypt or decrypt the contents of a shift register, S.

Interesting facts:
One interesting point about this mode is that no padding is required because the size of
the blocks, r, is normally chosen to fit the data unit to be encrypted.

The system does not have to wait until it has received a large block of data (64 bits or
128 bits) before starting the encryption.

Drawback

CFB is less efficient than CBC or ECB, because it needs to apply the encryption function of the underlying block cipher for each small block of size r.
Security Issues
1. Just like CBC, the patterns at the block level are not preserved.

2. More than one message can be encrypted with the same key, but the value of the IV
should be changed for each message. This means that Alice needs to use a different IV
each time she sends a message.

3. Eve can add some ciphertext block to the end of the ciphertext stream.

4. Output Feedback (OFB) Mode

• Output feedback (OFB) mode is very similar to CFB mode, with one difference:
each bit in the ciphertext is independent of the previous bit or bits.

• This avoids error propagation.

• If an error occurs in transmission, it does not affect the bits that follow.

Security Issues
1. Just like the CFB mode, patterns at the block level are not preserved.
2. Any change in the ciphertext affects the plaintext encrypted at the receiver side.

Error Propagation
A single error in the ciphertext affects only the corresponding bit in the plaintext.
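The shift-register construction from the CFB section and the OFB error behaviour above, as an added example that is not part of the original slides. It assumes r = 8 bits and n = 64 bits, a keyed SHA-256 hash standing in for the DES/AES encryption function, and a constructed key, IV and message; the only difference between the two modes is what is shifted back into S.

```python
import hashlib

N, R = 8, 1  # bytes: n = 64-bit cipher block, r = 8-bit data unit (r < n)

def E(key, s):
    # Stand-in for the DES/AES encryption function (a keyed hash, not a real
    # cipher). CFB and OFB only ever run the block cipher forwards.
    return hashlib.sha256(key + s).digest()[:N]

def stream_mode(key, iv, data, mode, decrypt=False):
    """r-bit CFB or OFB; the shift register S starts as the IV."""
    s, out = iv, bytearray()
    for i in range(0, len(data), R):
        unit = data[i:i + R]
        k = E(key, s)[:R]                        # leftmost r bits of E(S)
        res = bytes(a ^ b for a, b in zip(unit, k))
        c = unit if decrypt else res             # the ciphertext unit
        s = s[R:] + (c if mode == "CFB" else k)  # shift left r bits, feed back
        out += res
    return bytes(out)

def damaged_units(key, iv, msg, mode, j):
    """Flip one bit of ciphertext unit j; list the plaintext units that change."""
    ct = bytearray(stream_mode(key, iv, msg, mode))
    ct[j * R] ^= 0x01
    got = stream_mode(key, iv, bytes(ct), mode, decrypt=True)
    return [i // R for i in range(0, len(msg), R) if got[i:i + R] != msg[i:i + R]]

# Constructed sample values; the message is 27 bytes, not a multiple of n.
KEY, IV = b"constructed-demo-key", bytes(range(N))
MSG = b"units of r bits, no padding"

if __name__ == "__main__":
    print(len(stream_mode(KEY, IV, MSG, "CFB")), "ciphertext bytes for", len(MSG))
    print("CFB units damaged:", damaged_units(KEY, IV, MSG, "CFB", 5))
    print("OFB units damaged:", damaged_units(KEY, IV, MSG, "OFB", 5))
```

Under OFB only the unit carrying the flipped bit is wrong; under CFB the damaged ciphertext unit stays in the shift register for the next n/r units, after which decryption resynchronises.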
5. Counter (CTR) Mode

• In the counter (CTR) mode, there is no feedback.

• The pseudorandomness in the keystream is achieved using a counter. An n-bit counter is initialized to a pre-determined value (IV) and incremented based on a predefined rule (mod ).

• To provide better randomness, the increment value can depend on the block number to be incremented.

• The plaintext and ciphertext block have the same block size as the underlying cipher (e.g., DEA or AES). Plaintext blocks of size n are encrypted to create ciphertext blocks of size n.
