Introduction To Network Security: Theory And Practice (2015)
Chapter 2. Data Encryption Algorithms
2.5 Standard Block Cipher Modes of Operations
Let 
be the block size of a given block cipher (e.g., 
for DES and 
for AES). Let 
be a plaintext string. Divide 
into a sequence of blocks:
such that the size of each block 
is 
(using padding for the last block if necessary). There are several methods to encrypt . Such methods are referred to as block cipher modes of operations. The following are the standard block cipher modes of operations:
1. electronic-codebook mode (ECB),
2. cipher-block-chaining mode (CBC),
3. cipher-feedback mode (CFB),
4. output-feedback mode (OFB), and
5. counter mode (CTR).
2.5.1 Electronic-Codebook Mode
The ECB mode encrypts each plaintext block independently. Let 
be the 
th ciphertext block. Table 2.5 lists the encryption and decryption steps under the ECB mode.
Table 2.5 ECB mode
|
ECB encryption steps |
ECB decryption steps |
|
|
|
|
|
|
,
,
.
.ECB is often used to encrypt short plaintext messages 
.
2.5.2 Cipher-Block-Chaining Mode
When the plaintext message 
is long, the possibility that 
for some 
will increase. When this happens, their corresponding cipher blocks 
and 
are identical under the ECB mode, which will be disclosed to the eavesdropper. The use of the cipher-block-chaining mode can overcome this weakness. Under the CBC mode, the previous ciphertext block is used to encrypt the current plaintext block. At the beginning, CBC uses an initial -bit block 
, referred to as an initial vector. Table 2.6 lists the encryption and decryption steps under the CBC mode.
Table 2.6 CBC mode
|
CBC encryption steps |
CBC decryption steps |
|
|
|
|
|
|
,
,CBC is commonly used in practice.
2.5.3 Cipher-Feedback Mode
Under the ECB and CBC modes, the receiver must wait for the entire ciphertext block to arrive before decryption can be started. There are several drawbacks in these schemes:
1. If the ciphertext block is too long, it would hinder the receiver from reading the entire plaintext message continuously.
2. If padding is used when dividing into blocks, the actual number of transmitted bits in ciphertext blocks will be larger than the number of bits in .
3. If a bit error occurs in a ciphertext block during transmission (i.e., a bit is flipped during transmission), it would affect the readability of the plaintext block after decryption because of the effect of diffusion.
The use of CFB mode can overcome these drawbacks. CFB does not divide into blocks. Instead, it encrypts each basic code one at a time. Let 
be the length of the basic code in a given code set. For example, 
for ASCII code and 
for Unicode. Note that 
can also be set to other values, as long as the length of the block is divisible by . Let
where each 
is an -bit binary string, and is divisible by .
Under CFB mode, the sender and the receiver share the same -bit initial vector 
. Encryption begins by encrypting 
to produce a ciphertext block 
. Let 
represent the -bit prefix of 
, and 
the 
-bit suffix of 
. The encryption procedure calculates 
. It then shifts bits to the left and fills in the bits on the right with 
. Repeat this until 
is obtained. Table 2.7 lists the encryption and decryption steps under the CFB mode.
Table 2.7 CFB mode
|
CFB encryption steps |
CFB decryption steps |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
CFB is a common method to turn a block cipher algorithm into a stream cipher algorithm.
2.5.4 Output-Feedback Mode
If during the transmission of a CFB cipher string a bit error occurs, then this error not only will affect the correctness of 
, but also will affect the correctness of 
. This is because 
will be removed from 
only after 
iterations. Output feedback mode can overcome this drawback. OFB is similar to CFB. The only difference is that OFB does not place 
in 
. Table 2.8 lists the encryption and decryption steps under the OFB mode.
Table 2.8 OFB mode
|
OFB encryption steps |
OFB decryption steps |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
OFB is also a common method to turn a block cipher algorithm to a stream cipher algorithm. It is commonly used in error-prone environments.
2.5.5 Counter Mode
CTR produces block ciphers. It uses an -bit counter Ctr, which starts from an initial value and increases by 1 each time. Adding 1 to 
resets Ctr to 
. In other words, 
. We use 
to denote the initial value of Ctr and 
to denote 
.
All materials on the site are licensed Creative Commons Attribution-Sharealike 3.0 Unported CC BY-SA 3.0 & GNU Free Documentation License (GFDL)
If you are the copyright holder of any material contained on our site and intend to remove it, please contact our site administrator for approval.
© 2016-2025 All site design rights belong to S.Y.A.