block cipher modes
DESCRIPTION
CS 465. Block Cipher Modes. Last Updated: Sep 17, 2013. ECB Mode. Electronic Code Book Divide the plaintext into fixed-size blocks Encrypt/Decrypt each block independently There is a weakness with this approach. “Plain-Tux”. “Cipher-Tux”. “ Cipher-Tux2”. CBC Mode. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/1.jpg)
Block Cipher Modes
CS 465
Last Updated: Sep 17, 2013
![Page 2: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/2.jpg)
ECB Mode• Electronic Code Book• Divide the plaintext into fixed-size blocks• Encrypt/Decrypt each block independently• There is a weakness with this approach
“Plain-Tux”
“Cipher-Tux”
“Cipher-Tux2”
![Page 3: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/3.jpg)
![Page 4: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/4.jpg)
CBC Mode• Cipher Block Chaining• Overcomes the problem with ECB• XOR the plaintext with the prior ciphertext block• What about the first block?
![Page 5: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/5.jpg)
![Page 6: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/6.jpg)
Source: Network Security Essentials (Stallings)
![Page 7: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/7.jpg)
Initialization Vector (IV)
• Must be known to both the sender and recipient• Ideally both IV and key should protected, but the IV may
be public• Common approach: encrypt IV using ECB and send it
with the encrypted data• Most importantly, an IV should never be reused with the
same key. Why?
![Page 8: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/8.jpg)
Block Cipher as a Stream Cipher
• The following modes create a stream cipher from a block cipher. How is it done?
• Three modeso Counter Mode (CTR)o Cipher Feedback Mode (CFB)o Output Feedback Mode (OFB)
![Page 9: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/9.jpg)
![Page 10: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/10.jpg)
![Page 11: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/11.jpg)
![Page 12: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/12.jpg)
Summary• ECB
o Simpleo Don’t have to create/manage an IVo Parallel encryption/decryptiono Reveals patterns in the plaintext – should not use
• CBCo Conceals plaintext patternso Requires sequential encryptiono Parallel decryption
![Page 13: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/13.jpg)
Summary• Block cipher as stream cipher
o No need for paddingo Only have to implement encrypt function
• CTRo Preprocessing able to generate the keystream in advanceo Parallel encryption/decryption
• CFBo Parallel decryption
• OFBo Preprocessing able to generate the keystream in advance
![Page 14: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/14.jpg)
Padding
![Page 15: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/15.jpg)
Block Ciphers & Padding
• Block ciphers require that the plaintext be a multiple of the block size (ECB and CBC modes)
• Padding is used to make sure that all blocks are “full”
• Both sides need to know the padding scheme
![Page 16: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/16.jpg)
Padding Schemes• Pad with bytes all of the same value as the number of
padding bytes• Pad with 0x80 followed by 0x00 characters• Pad with 0x00 characters
o Last byte is equal to the number of padding byteso Pad with spaces
• Pad with 0x00 characters or spaceso Assuming these values don’t appear at the end of the actual data
• Short one-block messages in ECB mode will all encrypt the same with the same key – use random padding
See http://www.di-mgt.com.au/cryptopad.html
![Page 17: Block Cipher Modes](https://reader035.vdocuments.mx/reader035/viewer/2022062501/568161b8550346895dd18765/html5/thumbnails/17.jpg)
Other Uses for Padding?
• Disguise identical messageso Identical messages encrypted with the same key will always produce the same
ciphertext
• Disguise message lengtho Pad the message with a random number of bytes to create a random-sized
messageso All messages are padded to a preset length
• When is padding not required?