Lecture 1.7

Cryptography & Network Security
Subject Code: KCS074
Pankaj Kumar
Assistant Professor
Department of Computer Science & Engineering

Pranveer Singh Institute of Technology, Kanpur, India
October 31, 2023

Block Cipher Modes of Operation
• A mode of operation is a technique for enhancing the effect of a crypto-

graphic algorithm or adapting the algorithm for an application, such as
applying a block cipher to a sequence of data blocks or a data stream.
• A block cipher takes a fixed-length block of text of length b bits and a
key as input and produces a b-bit block of ciphertext.
• If the amount of plaintext to be encrypted is greater than b bits, then
the block cipher can still be used by breaking the plaintext up into b-bit
blocks.
• When multiple blocks of plaintext are encrypted using the same key, a
number of security issues arise.
• To apply a block cipher in a variety of applications, five modes of
operation have been defined by NIST.
Pankaj Kumar October 31, 2023 2/20


1. Electronic Codebook (ECB) Mode

• The simplest mode, in which plaintext is handled one block at a time
and each block of plaintext is encrypted using the same key.
• The term codebook is used because, for a given key, there is a unique
ciphertext for every b-bit block of plaintext.
• The ECB method is ideal for a short amount of data, such as an
encryption key.

Electronic Codebook (ECB) Mode

Advantages and Limitations of ECB Mode

• Message repetitions may show in ciphertext.
• If aligned with message block.
• Particularly with data such graphics.
• Or with messages that change very little, which become a code-book
analysis problem.
• Weakness is due to the encrypted message blocks being independent.
• Main use is sending a few blocks of data.

2. Cipher Block Chaining (CBC) Mode:

• In this scheme, the input to the encryption algorithm is the XOR of the
current plaintext block and the preceding ciphertext block; the same
key is used for each block. Therefore, if the same plaintext block is
repeated, different ciphertext blocks are produced.
• For decryption, each cipher block is passed through the decryption
algorithm. The result is XORed with the preceding ciphertext block to
produce the plaintext block.
• The Input Value (IV) is an initialization block, which is produced using
random number generator and it should be the same size as the cipher
block. This must be known to both the sender and receiver but it
should be unpredictable by a third party.
Cipher Block Chaining (CBC) Mode:

Cipher Block Chaining (CBC) Mode:

• For maximum security, the IV should be protected against unauthorized
changes.
• This could be done by sending the IV using ECB encryption.
• In conclusion, because of the chaining mechanism of CBC, it is an
appropriate mode for encrypting messages of length greater than b
bits.
• In addition to its use to achieve Confidentiality, the CBC mode can
be used for Authentication.

Advantages and Limitations of CBC Mode

• A ciphertext block depends on all blocks before it.
• Any change to a plaintext block affects all following ciphertext blocks.
• Need Initialization Vector (IV).
• which must be known to sender and receiver.
• If sent in clear, attacker can change bits of first block, and change IV
to compensate.
• Hence, IV must either be a fixed value or must be sent encrypted in
ECB mode before rest of message.

3. Cipher Feedback Mode (CFB):

• A stream cipher eliminates the need to pad a message to be an integral
number of blocks. It also can operate in real time. Thus, if a charac-
ter stream is being transmitted, each character can be encrypted and
transmitted immediately using a character-oriented stream cipher.
• In the given figure, it is assumed that the unit of transmission is s
bits; a common value is s = 8. As with CBC, the units of plaintext
are chained together, so that the ciphertext of any plaintext unit is a
function of all the preceding plaintext. In this case, rather than blocks
of b bits, the plaintext is divided into segments of s bits.

Cipher Feedback (CFB) Mode:

Advantages and Limitations of CFB Mode

• Appropriate when data arrives in bits/bytes
• Most common stream mode
• Limitation is need to stall while do block encryption after every n-bits
• Note that the block cipher is used in encryption mode at both ends
• Errors propagate for several blocks after the error

4. Output Feedback (OFB) Mode

• For OFB, the output of the encryption function is fed back to become
the input for encrypting the next block of plaintext.
• In CFB, the output of the XOR unit is fed back to become input for
encrypting the next block.
• The other difference is that the OFB mode operates on full blocks of
plaintext and ciphertext.

Output Feedback (OFB) Mode:

Advantages and Limitations of OFB Mode

• Bit errors do not propagate.
• More vulnerable to message stream modification.
• A variation of a Vernam cipher.
• It must never reuse the same sequence (key + IV ).
• Sender and receiver must remain in sync.
• Originally specified with m-bit feedback.
• Subsequent research has shown that only full block feedback (i.e.,
CFB − 64 or CFB − 128) should ever be used.

5. Counter (CTR) Mode

• In This mode, each block of plaintext is XORed with an encrypted
counter.
• The counter is initialized to some value and then incremented by 1 for
each subsequent block being encrypted using the same key.

Counter (CTR) Mode:

Advantages and Limitations of CTR Mode

• Efficiency:
• It can do parallel encryptions in h/w or s/w
• It can preprocess in advance of need
• Good for bursty high speed links
• Random access to encrypted data blocks
• Provable security (good as other modes)
• But, it must ensure never reuse key/counter values, otherwise could
break.

Thank You!

Lecture 1.7

Uploaded by

Copyright:

Available Formats

Lecture 1.7

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lecture 1.7

Uploaded by

Copyright:

Available Formats

Cryptography & Network Security

Subject Code: KCS074

Department of Computer Science & Engineering

October 31, 2023

• A mode of operation is a technique for enhancing the effect of a crypto-

Pankaj Kumar October 31, 2023 2/20

Pankaj Kumar October 31, 2023 3/20

1. Electronic Codebook (ECB) Mode

Pankaj Kumar October 31, 2023 4/20

Electronic Codebook (ECB) Mode

Pankaj Kumar October 31, 2023 5/20

Advantages and Limitations of ECB Mode

Pankaj Kumar October 31, 2023 6/20

2. Cipher Block Chaining (CBC) Mode:

Cipher Block Chaining (CBC) Mode:

Pankaj Kumar October 31, 2023 8/20

Cipher Block Chaining (CBC) Mode:

Pankaj Kumar October 31, 2023 9/20

Advantages and Limitations of CBC Mode

Pankaj Kumar October 31, 2023 10/20

3. Cipher Feedback Mode (CFB):

Pankaj Kumar October 31, 2023 11/20

Cipher Feedback (CFB) Mode:

Pankaj Kumar October 31, 2023 12/20

Advantages and Limitations of CFB Mode

• Most common stream mode

• Limitation is need to stall while do block encryption after every n-bits

• Errors propagate for several blocks after the error

Pankaj Kumar October 31, 2023 13/20

4. Output Feedback (OFB) Mode

Pankaj Kumar October 31, 2023 14/20

Output Feedback (OFB) Mode:

Pankaj Kumar October 31, 2023 15/20

Advantages and Limitations of OFB Mode

Pankaj Kumar October 31, 2023 16/20

5. Counter (CTR) Mode

Pankaj Kumar October 31, 2023 17/20

Counter (CTR) Mode:

Pankaj Kumar October 31, 2023 18/20

Advantages and Limitations of CTR Mode

Pankaj Kumar October 31, 2023 19/20

Pankaj Kumar October 31, 2023 20/20

You might also like