Block Cipher Modes of Operation
A block cipher
algorithm is a basic building block for providing data security. To apply a
block cipher in a variety of applications, four "modes of operation" have been
defined by NIST (FIPS 81). In essence, a mode of operation is a technique for
enhancing the effect of a cryptographic algorithm or adapting the algorithm for
an application, such as applying a block cipher to a sequence of data blocks or
a data stream. The four modes are intended to cover virtually all the possible
applications of encryption for which a block cipher could be used. As new
applications and requirements have appeared, NIST has expanded the list of
recommended modes to five in Special Publication 800-38A. These modes are
intended for use with any symmetric block cipher, including triple DES and AES.
The modes are summarized in Table 6.1
and described briefly in the remainder of this section.
|
Mode
|
Description
|
Typical Application
|
|---|---|---|
|
Electronic Codebook (ECB)
|
Each block of 64 plaintext bits is encoded independently using
the same key.
|
|
|
Cipher Block Chaining (CBC)
|
The input to the encryption algorithm is the XOR of the next 64
bits of plaintext and the preceding 64 bits of ciphertext.
|
|
|
Cipher Feedback (CFB)
|
Input is processed j bits at a
time. Preceding ciphertext is used as input to the encryption algorithm to
produce pseudorandom output, which is XORed with plaintext to produce next unit
of ciphertext.
|
|
|
Output Feedback (OFB)
|
Similar to CFB, except that the input to the encryption
algorithm is the preceding DES output.
|
|
|
Counter (CTR)
|
Each block of plaintext is XORed with an encrypted counter. The
counter is incremented for each subsequent block.
|
|
No comments:
Post a Comment