Encryption Types & Modes

Chapter 9
Encryption Types
Stream Ciphers Block Ciphers

Encryption Modes
ECB - Electronic Codebook CBC - Cipher Block Chaining CFB - Cipher Feedback OFB - Output Feedback

Stream Ciphers
One unit of the data stream is encrypted at a time. Most often the unit is a byte. Some comm systems it is one bit.
Keystream Generator Keystream Generator

Keystream

Ki Ciphertext

Keystream Ki

Pi

Plaintext

Ci

Plaintext

Pi

Block Ciphers
Block ciphers encrypt a block of data at a time Usually the blocks are 64 bits or 8 bytes or 128 bits (16 bytes)
Computationally efficient Requires padding at the end of a message
B1 ... Bi ... Bn Padding

Electronic Codebook Mode (ECB)

64 bit (8 byte) blocks
Pi-1 Pi Pi+1 Ci-1 Ci Ci+1

Ek

Ek

Ek

Dk

Dk

Dk

Ci-1

Ci

Ci+1

Pi-1

Pi

Pi+1

Ciphertext = (C0 C1 ... Cn)

Block Replay (ECB)

1 TS 2 3 4 5 6 7 8 9 10 11 12 13
Amount

Sending Receiving Bank Bank

Depositers Name

Acc't #

Through many intercepted tansmissions you learn that blocks 2, 3, and 4 never change. Block 1 always changes. By making your own deposits you know where your name is, your acc't # is and the amount is. Then you substitute your info where it is supposed to go.

Cipher Block Chaining Mode (CBC)

Encryption
C0 = Ek(P0 IV) Ci = Ek(Pi Ci-1) P0 IV Pi-1 Pi Pi+1

Decryption
P0 = IV Dk(C0) Pi = Ci-1 Dk(Ci) Ci-1 Ci Ci+1

Ci-2

Ek

Ek

Ek

Ek

Dk Pi-1

Dk Pi

Dk Pi+1

Ci-2 C0 Ci-1 Ci Ci+1

Ciphertext = (IV C0 C1 ... Cn)

CBC Last Block

(without padding)

Pn-2

Pn-1

Pn (j-bits long)

Ek

Ek

Ek
Select left j bits

Cn (j-bits long)

Cn-2

Cn-1

CBC Initialization Vector

Without the IV every encryption of a plaintext encrypts the same. With the IV being a random number they are all different The IV does not have to be random nor unique, but. The IV need not remain secret (it is XORed with block 0) The time stamp makes a good IV. It need not be random, just not predictable

CBC Error Propagation

1 bit error in the plaintext feed Will affect that block and all others Decryption will correct all but the flipped bit 1 bit error in the ciphertext feed Will affect that block 1 bit of recovered plaintext CBC mode is self recovering

Cipher Feedback Mode (CFB)

Encryption
C0 = P0 Ek(IV) Ci = Pi Ek(Ci-1)

Decryption
P0 = Ek(IV) C0 Pi = Ci Ek(Ci-1) Pi Pi+1 Ci-1 Ci Ci+1

P0

Pi-1

IV

Ek

Ci-2

Ek

Ek

Ek

Ek

C0

Ci-1

Ci Ciphertext = (IV C0 C1 ... Cn)

Ci+1

Pi

Pi+1

CFB Initialization Vector

CFB must use an IV The IV does not have to be random but must be unique The IV need not remain secret (it is XORed with block 0) The IV must be changed with every message. Must not be repeated during the lifetime of the key.

CFB Error Propagation

CFB mode is self recovering An error corrupts 1 block of data

Output Feedback Mode (OFB)

Encryption
C0 = P0 Ek(IV) Ci = Pi Ek(Si-1)

Decryption
P0 = Ek(IV) C0 Pi = Ci Ek(Si-1) Pi Pi+1 Ek Ek
Note: The plaintext is never encrypted. IV and succesive encryptions act as an onetime pad generator. The IV does not have to remain secret

P0
IV Ek Ci-2

Pi-1 Ek

C0

Ci-1

Ci Ciphertext = (IV C0 C1 ... Cn)

Ci+1

OFB Error Propagation

1 bit error in the ciphertext feed causes a single bit error in the plaintext recovery

Block Cipher Modes Summary

ECB CBC CFB OFB