Block ciphers encrypt data in fixed-size blocks, while stream ciphers generate a stream of bits that are exclusive-ored with the plaintext to produce the ciphertext.īlock ciphers are designed to encrypt a single fixed-size chunk of data, which presents issues for plaintexts that are not exactly the correct length. Within the symmetric encryption category are block and stream ciphers. Symmetric encryption uses the same secret key for both encryption and decryption, while asymmetric cryptography (also known as public key cryptography) uses a pair of related public and private keys. The major breakdown is between symmetric and asymmetric cryptography. What is a Block Cipher Mode of Operation?Ĭryptographic algorithms come in a few different forms. While a variety of block ciphers exist, this article will explore the pros and cons of the ECB and CBC block cipher modes of operation. CBC – Pros and Cons of These Block Cipher Modesīlock cipher modes of operation are designed to allow encryption of data that is too long to fit in a single block of a block cipher. This may help in the analysis or may provide an opportunity for substituting or rearranging blocks.ECB vs. If the message has repetitive elements with a period of repetition a multiple of b bits, then these elements can be identified by the analyst.
Ple, if it is known that the message always starts out with certain predefined fields, then the cryptanalyst may have a number of known plaintext–ciphertext pairs to work with. If the message is highly structured, it may be possible for a cryptanalyst to exploit these regularities. Most significant characteristic of ECB is that if the same b-bit block of plaintext appears more than once in the message, itįor lengthy messages, the ECB mode may not be secure. Thus, if you want to transmit a DES or AES key securely, ECB is the appropri- ate The ECB method is ideal for a short amount ofĭata, such as an encryption key. Sequence of ciphertext blocks is C 1, C 2. In Figure 6.3, the plaintext (paddedĪs necessary) consists of a sequence of b -bit blocks, P 1, P 2, Á, P N
Decryption is per- formed one block at a time, always using the same key. Therefore, we can imagineĪ gigantic codebook in which there is an entry for every possible b-bit plaintext pattern showing its corresponding ciphertext.Ī message longer than b bits, the procedure is simply to break the mes. The term codebook is used because, for a given key, there is a unique ciphertext for every b-bitīlock of plaintext. The simplest mode is the electronic codebook ( ECB) mode, in which plaintext is handled one block at a timeĪnd each block of plaintext is encrypted using the same key (Figure 6.3). The modes are summarized in Table 6.1 and described in this and the following sections. These modes are intended for use with any symmetric block cipher, including triple DES and AES.
The five modes are intended to cover a wide variety of applications of encryption for which a block cipher could be used. Or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream. In essence,Įnhancing the effect of a cryptographic algorithm To apply a block cipher in a variety of applica- tions, five modes of operation have been defined by NIST (SP 800-38A). When multiple blocks of plaintext are encrypted using the same key, a number of security issues arise.
If the amount of plaintext to be encrypted is greater than b bits, then the block cipher can still be used by breaking the plaintext A block cipher takes a fixed-length block of text of length b bits and a key as input and produces a b-bit block of ciphertext.