Iss Unit-1, 2

Block Cipher modes of Operation

Encryption algorithms are divided into two categories based on the input type:
block ciphers and stream ciphers. A block cipher is an encryption algorithm that
takes a fixed-size input of, say, b bits and produces a ciphertext of b bits. If the
input is larger than b bits, it can be divided further into blocks. For different
applications and uses, there are several modes of operation for a block cipher.

Electronic Code Book (ECB) –


Electronic code book is the simplest block cipher mode of operation. It is simple
because each block of input plaintext is encrypted directly and the output is in the
form of blocks of encrypted ciphertext. Generally, if a message is larger than b bits
in size, it can be broken down into a bunch of blocks and the procedure is repeated.

Procedure of ECB is illustrated below:

Advantages of using ECB –

• Parallel encryption of blocks of bits is possible, thus it is a faster way of
encryption.

• Simple way of the block cipher.

Disadvantages of using ECB –

• Prone to cryptanalysis since there is a direct relationship between plaintext and
ciphertext.

Cipher Block Chaining –
Cipher block chaining or CBC is an advancement made on ECB since ECB
compromises some security requirements. In CBC, the previous cipher block is
given as input to the next encryption algorithm after XOR with the original plaintext
block. In a nutshell here, a cipher block is produced by encrypting an XOR output
of the previous cipher block and present plaintext block.

The process is illustrated here:

Advantages of CBC –

• CBC works well for input greater than b bits.

• CBC is a good authentication mechanism.

• Better resistive nature towards cryptanalysis than ECB.

Disadvantages of CBC –

• Parallel encryption is not possible since every encryption requires a previous
cipher.

Cipher Feedback Mode (CFB) –
In this mode the cipher is given as feedback to the next block of encryption with
some new specifications: first, an initial vector IV is used for the first encryption,
and the output bits are divided into a set of s bits and b-s bits. The left-hand side
s bits are selected along with plaintext bits to which an XOR operation is applied.
The result is given as input to a shift register having b-s bits on the left-hand
side and s bits on the right-hand side, and the process continues. The encryption
and decryption processes are shown below; both of them use the encryption algorithm.

Advantages of CFB –

• Since there is some data loss due to the use of a shift register, it is difficult
to apply cryptanalysis.

Disadvantages of CFB –

• The drawbacks of CFB are the same as those of CBC mode. Both block losses
and concurrent encryption of several blocks are not supported by the
encryption. Decryption, however, is parallelizable and loss-tolerant.

Output Feedback Mode –
The output feedback mode follows nearly the same process as the Cipher
Feedback mode except that it sends the encrypted output as feedback instead of
the actual cipher which is XOR output. In this output feedback mode, all bits of the
block are sent instead of sending selected s bits. The Output Feedback mode of
block cipher holds great resistance towards bit transmission errors. It also
decreases the dependency or relationship of the cipher on the plaintext.

Advantages of OFB –

• In the case of CFB, a single bit error in a block is propagated to all subsequent
blocks. This problem is solved by OFB as it is free from bit errors in the plaintext
block.

Disadvantages of OFB –

• The drawback of OFB is that, because of its mode of operation, it is more
susceptible to a message stream modification attack than CFB.

Counter Mode –
The Counter Mode or CTR is a simple counter-based block cipher implementation.
For every block, a counter-initiated value is encrypted and the result is XORed
with the plaintext block, which produces the ciphertext block. The CTR mode is
independent of feedback use and thus can be implemented in parallel.

Its simple implementation is shown below:

Advantages of Counter –

• Since there is a different counter value for each block, the direct plaintext and
ciphertext relationship is avoided. This means that the same plain text can map
to different ciphertext.

• Parallel execution of encryption is possible as outputs from previous stages are
not chained as in the case of CBC.

Disadvantages of Counter –

• The fact that CTR mode requires a synchronous counter at both the transmitter
and the receiver is a severe drawback. The recovery of plaintext is erroneous
when synchronisation is lost.
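
The ECB, CBC and CTR behaviour described above, as an added example that is not part of the original notes. The 64-bit Feistel cipher `toy_encrypt_block`, the key, IV, nonce and message are constructed for illustration (the toy cipher is not secure), and inputs are assumed to be a whole number of blocks.

```python
import hashlib

BLOCK = 8  # toy block size: b = 64 bits


def toy_encrypt_block(key, block):
    # 4-round Feistel network with a SHA-256 round function: a stand-in
    # block cipher for illustration only, not a real or secure algorithm.
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, xor(left, f)
    return left + right


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, pt):
    # Every block is encrypted independently with the same key.
    return b"".join(toy_encrypt_block(key, p) for p in blocks(pt))


def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for p in blocks(pt):
        prev = toy_encrypt_block(key, xor(p, prev))  # chain on previous ciphertext
        out.append(prev)
    return b"".join(out)


def ctr_crypt(key, nonce, data, start=0):
    # Encrypts and decrypts: XOR with E(nonce || counter), one counter per block.
    stream = (toy_encrypt_block(key, nonce + (start + i).to_bytes(4, "big"))
              for i in range(len(blocks(data))))
    return b"".join(xor(p, ks) for p, ks in zip(blocks(data), stream))


def repeated_blocks(ct):
    bs = blocks(ct)
    return len(bs) - len(set(bs))  # ciphertext blocks that duplicate an earlier one


KEY, IV, NONCE = b"constructed key", b"\x01" * 8, b"\x02" * 4  # constructed values
MSG = b"PAY 0100" * 3 + b"PAY 9999"                           # constructed plaintext
```

With the three identical plaintext blocks in `MSG`, `repeated_blocks` reports duplicates only for the ECB ciphertext, and decrypting the CTR ciphertext with `start=1` instead of `0` shows the loss of counter synchronisation.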
Difference between Block Cipher and Stream Cipher
Block ciphers and stream ciphers both belong to the symmetric key ciphers.
Both are methods used for converting plain text into ciphertext.
The main difference between a block cipher and a stream cipher is that a
block cipher converts the plain text into cipher text by taking a block of plain
text at a time, while a stream cipher converts the plain text into cipher text by
taking 1 byte of plain text at a time.

S.NO | Block Cipher | Stream Cipher
1. | Block cipher converts the plain text into cipher text by taking plain text's block at a time. | Stream cipher converts the plain text into cipher text by taking 1 byte of plain text at a time.
2. | Block cipher uses either 64 bits or more than 64 bits. | While stream cipher uses 8 bits.
3. | The complexity of block cipher is simple. | While stream cipher is more complex.
4. | Block cipher uses confusion as well as diffusion. | While stream cipher uses only confusion.
5. | In block cipher, reverse encrypted text is hard. | While in stream cipher, reverse encrypted text is easy.
6. | The algorithm modes which are used in block cipher are ECB (Electronic Code Book) and CBC (Cipher Block Chaining). | The algorithm modes which are used in stream cipher are CFB (Cipher Feedback) and OFB (Output Feedback).
7. | Block cipher works on transposition techniques like rail-fence technique, columnar transposition technique, etc. | While stream cipher works on substitution techniques like Caesar cipher, polygram substitution cipher, etc.
8. | Block cipher is slow as compared to a stream cipher. | While stream cipher is fast in comparison to block cipher.

Data encryption standard (DES)
Data encryption standard (DES) has been found vulnerable to very
powerful attacks and therefore, the popularity of DES has been found slightly
on the decline. DES is a block cipher and encrypts data in blocks of
64 bits each, which means 64 bits of plain text go as the input to DES,
which produces 64 bits of ciphertext. The same algorithm and key are used
for encryption and decryption, with minor differences. The key length is 56
bits.
The basic idea is shown in the figure:

We have mentioned that DES uses a 56-bit key. Actually, the initial key
consists of 64 bits. However, before the DES process even starts, every 8th
bit of the key is discarded to produce a 56-bit key. That is, bit positions 8, 16,
24, 32, 40, 48, 56, and 64 are discarded.

Thus, the discarding of every 8th bit of the key produces a 56-bit key from
the original 64-bit key.
DES is based on the two fundamental attributes of cryptography: substitution
(also called confusion) and transposition (also called diffusion). DES consists
of 16 steps, each of which is called a round. Each round performs the steps
of substitution and transposition. Let us now discuss the broad-level steps in
DES.
• In the first step, the 64-bit plain text block is handed over to an initial
Permutation (IP) function.
• The initial permutation is performed on plain text.
• Next, the initial permutation (IP) produces two halves of the permuted
block, say Left Plain Text (LPT) and Right Plain Text (RPT).
• Now each LPT and RPT go through 16 rounds of the encryption process.
• In the end, LPT and RPT are rejoined and a Final Permutation (FP) is
performed on the combined block.
• The result of this process produces 64-bit ciphertext.

Initial Permutation (IP):


As we have noted, the initial permutation (IP) happens only once and it
happens before the first round. It suggests how the transposition in IP should
proceed, as shown in the figure. For example, it says that the IP replaces the
first bit of the original plain text block with the 58th bit of the original plain
text, the second bit with the 50th bit of the original plain text block, and so on.
This is nothing but jugglery of bit positions of the original plain text block. The
same rule applies to all the other bit positions shown in the figure.
As we have noted after IP is done, the resulting 64-bit permuted text block is
divided into two half blocks. Each half-block consists of 32 bits, and each of
the 16 rounds, in turn, consists of the broad-level steps outlined in the
figure.

Step-1: Key transformation:


We have noted that the initial 64-bit key is transformed into a 56-bit key by
discarding every 8th bit of the initial key. Thus, for each round a 56-bit key is
available. From this 56-bit key, a different 48-bit Sub Key is generated during each
round using a process called key transformation. For this, the 56-bit key is divided
into two halves, each of 28 bits. These halves are circularly shifted left by
one or two positions, depending on the round.
For example: if the round number is 1, 2, 9, or 16, the shift is done by only
one position; for other rounds, the circular shift is done by two positions. The
number of key bits shifted per round is shown in the figure.

After an appropriate shift, 48 of the 56 bits are selected. For selecting 48 of
the 56 bits the table is shown in the figure given below. For instance, after
the shift, bit number 14 moves to the first position, bit number 17 moves to
the second position, and so on. If we observe the table, we will realize that it
contains only 48-bit positions. Bit number 18 is discarded (we will not find it
in the table), like 7 others, to reduce a 56-bit key to a 48-bit key. Since the
key transformation process involves permutation as well as a selection of a
48-bit subset of the original 56-bit key it is called Compression Permutation.

Because of this compression permutation technique, a different subset of key
bits is used in each round. That makes DES not easy to crack.
Step-2: Expansion Permutation:
Recall that after the initial permutation, we had two 32-bit plain text areas
called Left Plain Text(LPT) and Right Plain Text(RPT). During the expansion
permutation, the RPT is expanded from 32 bits to 48 bits. Bits are permuted
as well hence called expansion permutation. This happens as the 32-bit RPT
is divided into 8 blocks, with each block consisting of 4 bits. Then, each 4-bit
block of the previous step is then expanded to a corresponding 6-bit block,
i.e., per 4-bit block, 2 more bits are added.

This process results in expansion as well as a permutation of the input bit
while creating output. The key transformation process compresses the 56-bit
key to 48 bits. Then the expansion permutation process expands the 32-bit
RPT to 48-bits. Now the 48-bit key is XOR with 48-bit RPT and the resulting
output is given to the next step, which is the S-Box substitution.
