Block cipher mode of operation

An operation mode or an operation mode is a method that describes how encrypted with a block cipher messages. Only the combination of block cipher and mode of operation makes it possible to encrypt messages that are longer than the block length. Usually the message is to split into several blocks and brought to a suitable length by padding. An initialization vector (IV), the method may additionally independently from the key used to randomize.

Classical modes

Electronic Codebook Mode

The simplest mode is to encrypt each block independently of the other. This process is called Electronic Code Book mode (ECB ) and has the following properties.

  • Same message blocks are encrypted the same.
  • A permutation of blocks of ciphertext results in the same exchange of the blocks in the decoded message.
  • An error in a block only affects decryption of that block.

From the use of the ECB mode is discouraged, unless it is only once a single message block is encrypted.

Cipher Block Chaining Mode

The problems of the ECB can be solved by linking a message block before encryption with the previous Chiffratblock. For the first block, take this, an initialization vector. Since Chiffratblock now depends on all of the preceding blocks, rearranging the blocks is not possible, without affecting the decryption. Because encryption is also dependent on initialization, two identical messages with different IVs are also encrypted differently. This mode also has the following properties.

  • A change in a bit in a Chiffratblock has the consequence that the corresponding message block is randomized, while the very same bits are changed in the plain text of the subsequent block.
  • An error in a block affects only the corresponding and subsequent plaintext block.

Cipher Feedback Mode

If also messages should be encrypted, whose length is not a multiple of the block length, the block cipher in Cipher Feedback Mode ( CFB) can be used as a self-synchronizing stream cipher. Here, an initialization vector is first encrypted and the result is added to the message. The resulting bits of the ciphertext is shifted into the plaintext register and there displace as many bits of the IV The result is re-encrypted and added to the next message bits. As the CBC mode Chiffratbit depends on the message and the previous Chiffratbits. An error affects long as the encryption, until the dirty bit has been shifted out of the plaintext register.

Output Feedback Mode

When Output Feedback Mode is not a Chiffratblock, but the output of the encryption function is used as a feedback in contrast to the Cipher Feedback Mode. Thus, each error propagation is avoided, and effectively operated the block cipher as a synchronous stream cipher; of the key stream is independent of the message. This also means that for each message a different initialization vector to be used, because the entire key stream depends on his own.

Counter Mode

A simplification of the Output Feedback mode is the Counter Mode, in which, instead of feedback, a sequence of natural numbers is encrypted. This makes it possible to decode a block without having to decrypt before the other blocks.

CTR mode
121175
de