BLOCK CIPHER OPERATIONS

The document discusses various block cipher operations, focusing on multiple encryption techniques like Double DES and Triple DES, and their vulnerabilities such as the Meet-in-the-Middle attack. It explains different modes of operation including Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR), detailing their advantages and disadvantages. The document highlights the importance of initialization vectors, padding, and the need for secure transmission in cryptographic practices.

BLOCK CIPHER OPERATIONS
BY DR. DIPANWITA SADHUKHAN
Multiple Encryption
• Multiple encryption is a technique in which an encryption algorithm is used multiple times.
• In the first instance, plaintext is converted to ciphertext using the encryption algorithm.
• This ciphertext is then used as input and the algorithm is applied again.
• This process may be repeated through any number of stages.
• E.g. Triple DES uses three stages of the DES algorithm, using two or three distinct keys.
• Single version of cipher has 𝑘-bit key
• Double version of cipher uses two different 𝑘-bit keys
• Worst case brute force:

Advantage:
• Doubles the key length
• Uses an existing cipher
Double DES and Meet-in-the-Middle Attack
• Double encryption was an option for extending the key length of DES.
• It effectively would double the key length from 56 bits to 112 bits.
• Meet-in-the-middle attack makes Double-DES (or double encryption on any block cipher) insecure.
Meet-in-the-Middle Attack
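The meet-in-the-middle idea named above, as an added example that is not part of the original slides: a constructed 16-bit toy cipher with 12-bit keys stands in for DES so the search finishes instantly, and `enc`, `dec`, the constants and the sample keys are all assumptions made for illustration. It shows that, given known plaintext/ciphertext pairs, double encryption with two k-bit keys costs about 2 × 2^k cipher operations plus a 2^k-entry table, not 2^(2k).

```python
from collections import defaultdict

KEY_BITS = 12                      # toy key size so the demo runs instantly
MASK = 0xFFFF                      # toy 16-bit block
MUL = 0x9E35                       # odd constant, so multiplication mod 2^16 is invertible
INV = pow(MUL, -1, 1 << 16)

def rotl(x, r):
    return ((x << r) | (x >> (16 - r))) & MASK

def enc(key, block):               # toy cipher, NOT DES (assumption for the demo)
    for r in range(4):
        block = rotl(((block + key + r) * MUL) & MASK, 5) ^ key
    return block

def dec(key, block):               # exact inverse of enc
    for r in reversed(range(4)):
        block = ((rotl(block ^ key, 11) * INV) - key - r) & MASK
    return block

def double_enc(k1, k2, block):
    return enc(k2, enc(k1, block))

def meet_in_the_middle(pairs):
    """Return ((k1, k2) candidates, cipher operations spent in the two halves)."""
    (p0, c0), rest = pairs[0], pairs[1:]
    table, work = defaultdict(list), 0
    for k1 in range(1 << KEY_BITS):            # forward half: 2^k encryptions
        table[enc(k1, p0)].append(k1)
        work += 1
    found = []
    for k2 in range(1 << KEY_BITS):            # backward half: 2^k decryptions
        work += 1
        for k1 in table.get(dec(k2, c0), ()):  # middle values that match
            if all(double_enc(k1, k2, p) == c for p, c in rest):
                found.append((k1, k2))         # confirmed on the extra pairs
    return found, work

K1, K2 = 0x3A7, 0xC15                          # constructed secret keys
PAIRS = [(p, double_enc(K1, K2, p)) for p in (0x1234, 0xBEEF, 0x0F0F)]

if __name__ == "__main__":
    found, work = meet_in_the_middle(PAIRS)
    print("candidates:", [(hex(a), hex(b)) for a, b in found])
    print("cipher operations:", work, "vs exhaustive search:", 1 << (2 * KEY_BITS))
```

Scaled to DES, the same procedure costs on the order of 2^57 cipher operations and 2^56 table entries rather than 2^112, which is why Double DES adds little over single DES.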
Triple DES and Key Strength
Modes of Operation
In an actual scenario, the size of the file to be encrypted may not be a multiple of the block size. That is, in practice we usually need to handle arbitrary amounts of data:
• Lengthy message
• Image file
• Multimedia file
• Real-time data

• Fixed-length blocks.
• A b-bit input is converted to a b-bit output.
• If the PT is longer than b bits, break the PT into b-bit blocks.
• For different applications we need different modes.
• Initialization Vector (IV): a block of bits used to randomize the encryption and hence produce distinct ciphertext.
• Nonce (Number used Once): a random or pseudorandom number used to ensure that past communications cannot be reused in replay attacks.
• Padding: the final block may require padding to fit the block size. Add null bytes; add the n bytes with value to achieve padding.
Electronic Codebook (ECB)
• It is one of the simplest modes of operation.
• The plain text is divided into blocks.
• Each block is encrypted separately.
• The same key is used for the encryption of all blocks.
• It makes the block of ciphertext.
• The same key which is used for encryption is used for decryption.
• Each block is encoded independently of the other blocks.
• Uses: secure transmission of single values

Why codebook?
• If a block of plain text is repeated in the original message, then the corresponding block of ciphertext will also repeat.
• This is because the same key is used for all blocks.

Ci = EK (Pi)
Electronic Codebook (ECB)
Pros
• Simplest mode.
• Ideal for short message transfer.
• Independent, can encrypt any block.
• Fast.
• Parallel encryption takes place.

Cons
• Not suitable for large messages.
• Repetitive information contained in the plaintext may show in the ciphertext if aligned with blocks.
• If the same message is encrypted (with the same key) and sent twice, their ciphertext is the same.
Why ECB is not recommended??

[Figure: Original image | Using ECB allows patterns to be easily discerned | Modes other than ECB result in pseudo-randomness]
Cipher Block Chaining (CBC)
• The plain text is divided into blocks.
• The first block of plain text and the IV are combined using the XOR operation; the result is then encrypted using the key to form the first block of ciphertext.
• The first block of ciphertext is used as IV for the second block of plain text. The same procedure will be followed for all blocks of plain text.
• Same plain text but different CT.
• Encryption is dependent on the previous block.
• The same key is used for encryptions.
• Chaining is performed.
• Usage: General purpose bulk data transfer.

• At the receiver side, the ciphertext is divided into blocks.
• The first block of ciphertext is decrypted using the same key that is used for encryption. The decrypted result is XORed with the IV to form the first block of plain text.
• The second block of ciphertext is also decrypted using the same key, and the result of the decryption is XORed with the first block of ciphertext to form the second block of plain text.
• The same procedure is used for all the blocks.
• The key that is used in CBC mode is the same; only the IV is different, which is initialized at a starting
Cipher Block Chaining (CBC)

Ci = EK (Pi XOR Ci-1)

C0 = IV
Cipher Block Chaining (CBC)
Pros
• Identical blocks do not have the same cipher.
• This is because the initialization vector adds a random factor to each block.
• Confidentiality
• Authentication due to IV

Cons
• Block Loss: blocks depend on their previous blocks for encryption. So, if block Bi is lost, the encryption of all subsequent blocks will not be possible.
• Slow
• No parallelism: the encryption of blocks needs to be done sequentially, not in parallel.
• IV must be known to both sender and receiver.
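The ECB and CBC formulas above (Ci = EK(Pi), and Ci = EK(Pi XOR Ci-1) with C0 = IV), as an added example that is not part of the original slides: it counts repeated ciphertext blocks for a message made of identical plaintext blocks. The block cipher is a constructed 4-round Feistel toy built on SHA-256, and the key, message and padding rule (n bytes each of value n) are assumptions for illustration.

```python
import hashlib, os

BS = 8  # toy 64-bit block, the same block size as DES

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _feistel(key, block, rounds):
    # Toy stand-in for EK / DK: 4-round Feistel network, SHA-256 round function
    l, r = block[:4], block[4:]
    for i in rounds:
        l, r = r, xor(l, hashlib.sha256(key + bytes([i]) + r).digest()[:4])
    return r + l                    # final swap: decryption is the same loop reversed

def E(key, block): return _feistel(key, block, range(4))
def D(key, block): return _feistel(key, block, reversed(range(4)))

def pad(msg):                       # always adds 1..BS bytes, each of value n
    n = BS - len(msg) % BS
    return msg + bytes([n]) * n

def blocks(data):
    return [data[i:i + BS] for i in range(0, len(data), BS)]

def ecb_encrypt(key, msg):          # Ci = EK(Pi)
    return b"".join(E(key, p) for p in blocks(pad(msg)))

def cbc_encrypt(key, iv, msg):      # Ci = EK(Pi XOR Ci-1), C0 = IV
    out, prev = [], iv
    for p in blocks(pad(msg)):
        prev = E(key, xor(p, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):       # Pi = DK(Ci) XOR Ci-1
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor(D(key, c), prev))
        prev = c
    data = b"".join(out)
    return data[:-data[-1]]         # strip the padding added by pad()

def repeated_blocks(ct):            # ciphertext blocks that duplicate an earlier one
    return len(blocks(ct)) - len(set(blocks(ct)))

KEY = b"demo-key"                   # constructed key
MSG = b"SALARY=1" * 4               # constructed: four identical plaintext blocks

if __name__ == "__main__":
    print("ECB repeats:", repeated_blocks(ecb_encrypt(KEY, MSG)))
    print("CBC repeats:", repeated_blocks(cbc_encrypt(KEY, os.urandom(BS), MSG)))
```

Under ECB three of the five ciphertext blocks are duplicates, so the structure of the plaintext is visible without the key; under CBC the same message yields no duplicates and a different ciphertext for every IV.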
Cipher Feedback (CFB)
• Convert the block cipher into a stream cipher.
• The length of PT = the length of CT.
• Real-time data transfer.
• No need for padding.
• Usage: General purpose stream-oriented data transfer.
• Authentication.

• Like cipher block chaining mode, IV is initialized.
• The IV is kept in the shift register. It is encrypted using the key and forms the ciphertext.
• Now the leftmost j bits of the encrypted IV are XORed with the first j bits of the plain text.
• This process will form the first part of the ciphertext, and this ciphertext will be transmitted to the receiver.
Cipher Feedback (CFB)
Pros
• Can operate on real-time data
• Need for padding is eliminated
• Encryption function does the decryption as well.
• Length PT = Length of CT

Cons
• Wastage of transmission capacity of the channel.
• Not a typical stream cipher
Output Feedback (OFB)
• OFB mode is similar to CFB mode; the only difference is that in CFB the ciphertext is used for the next stage of the encryption process, whereas in OFB the output of the IV encryption is used for the next stage of the encryption process.
• The IV is encrypted using the key to form the encrypted IV. The plain text and the encrypted IV are combined using XOR to produce the ciphertext.
• For the next stage, the ciphertext, which is formed in the previous stage, is used as an IV for the next iteration. The same procedure is followed for all blocks.
Output Feedback (OFB)

Relation between plaintext and ciphertext

Ci = Pi XOR Oi

Oi = EK (Oi-1)

O0 = IV
Output Feedback (OFB)
• The alternative to CFB is OFB.
• Here the generation of the “random” bits is independent of the message being encrypted.
• The advantage is that, firstly, they can be computed in advance, which is good for bursty traffic.
• Any bit error only affects a single bit. Thus this is good for noisy links (e.g. satellite TV transmissions etc.).
• It works very similarly to CFB. However, the output of the encryption function is fed back instead of ciphertext.

• Feedback is independent of the message.
• Sender and receiver must be synched every time.
• Vulnerable to modification attack.
• Not parallelizable.
Counter (CTR)
• As the name suggests, counter mode uses a sequence of numbers as input to the algorithm. When a block is encrypted, the next counter value is used to fill the next register. Note: the counter value will be incremented by 1.
• For encryption, the first counter is encrypted using a key, and then the plain text is XORed with the encrypted result to form the ciphertext.
• The counter will be incremented by 1 for the next stage, and the same procedure will be followed for all blocks.
• For decryption, the same sequence will be used. To convert ciphertext into plain text, each ciphertext block is XORed with the encrypted counter.
• For the next stage, the counter will be incremented, and the same will be repeated for all ciphertext blocks.
• Here, we encrypt the counter value with the key rather than any feedback value (no feedback).
• The counter for each plaintext will be different. It can be any function that produces a sequence that is guaranteed not to repeat for a long time.
• Uses: high-speed network encryptions
Counter (CTR)

Ci = Pi XOR Oi
Oi = EK (i)
Counter (CTR)

• Strengths:
  • Needs only the encryption algorithm
  • Random access to encrypted data blocks
  • Simple; fast encryption/decryption
• Counter must be
  • Must be unknown and unpredictable
  • Randomness in the cipher is a goal
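The OFB and CTR relations above (Ci = Pi XOR Oi with Oi = EK(Oi-1) or Oi = EK(i)), as an added example that is not part of the original slides: it checks the properties the slides list for these modes, namely no padding, a one-bit error staying one bit (which is also why modification goes unnoticed), random access in CTR, and what happens when a keystream repeats. `E` is a constructed SHA-256-based stand-in for the block cipher, and the key, IV, nonce, message and the `nonce || i` counter layout are assumptions for illustration.

```python
import hashlib

BS = 8  # toy block size in bytes

def E(key, block):
    # Stand-in for EK (assumption): OFB and CTR only run the cipher forward,
    # so a keyed one-way function is enough for this demo.
    return hashlib.sha256(key + block).digest()[:BS]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))    # stops at the shorter input

def ofb_stream(key, iv, n):                      # Oi = EK(Oi-1), O0 = IV
    out, o = [], iv
    for _ in range(n):
        o = E(key, o)
        out.append(o)
    return b"".join(out)

def ctr_stream(key, nonce, n, start=0):          # Oi = EK(i), counter = nonce || i
    return b"".join(E(key, nonce + i.to_bytes(4, "big")) for i in range(start, start + n))

def flip_bit(data, bit):                         # models one bit error on the link
    out = bytearray(data)
    out[bit // 8] ^= 0x80 >> (bit % 8)
    return bytes(out)

def demo():
    key, iv, nonce = b"demo-key", bytes(8), bytes(4)    # constructed values
    msg = b"block0..block1..block2..tail"               # 28 bytes: no padding needed
    other = msg[::-1]                                   # second message, same length
    n = -(-len(msg) // BS)                              # keystream blocks required
    ofb_ct = xor(msg, ofb_stream(key, iv, n))           # Ci = Pi XOR Oi
    ctr_ct = xor(msg, ctr_stream(key, nonce, n))
    damaged = xor(flip_bit(ofb_ct, 70), ofb_stream(key, iv, n))
    return {
        "roundtrip": xor(ofb_ct, ofb_stream(key, iv, n)) == msg and len(ofb_ct) == len(msg),
        # one flipped ciphertext bit flips exactly one plaintext bit, silently
        "bits_changed": sum(bin(a ^ b).count("1") for a, b in zip(msg, damaged)),
        # CTR random access: block 2 decrypts without processing blocks 0 and 1
        "ctr_block2": xor(ctr_ct[2 * BS:3 * BS], ctr_stream(key, nonce, 1, start=2)),
        # the same (key, IV) used twice leaks the XOR of the two plaintexts
        "iv_reuse_leak": xor(ofb_ct, xor(other, ofb_stream(key, iv, n))) == xor(msg, other),
    }

if __name__ == "__main__":
    print(demo())
```

Because decryption raises no error on the altered ciphertext, these modes need a separate integrity check such as a MAC, and a (key, IV) or (key, counter) pair must never be used for two messages.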
CBC and CTR comparison
Applications of Different Modes
Comparison
