Path: blob/master/Block-Cipher/Mode-of-Encryption/README.md
1402 views
Mode of encryption
A block cipher takes in a block of data of size equal to the blocksize, a key (and an IV in some cases). The block cipher algorithm does not know how encryption of each block of data affects the blocks present next to it. This is in fact governed by the mode in which the data is encrypted in a block cipher.
Prerequisite:
ECB mode (Electronic CodeBook)
This is the simplest mode of encryption. The padded message is divided into blocks and each block is encrypted separately using the block cipher algorithm (AES, DES, etc.). The encryption and decryption takes place as follows:
We know from Shannon's Theorem of perfect secrecy that the ciphertext should leave no hints about patterns existing in the plaintext. But ECB does leave some trace about patterns existing in the plaintext. Two blocks having the same data will give the same ciphertext blocks. By this the attacker can easily know that there are two blocks of plaintext which have the same data and thus it is not safe for use. This happens because the encryption of previous plaintext block does not affect the encryption of plaintext block next to it.
Here are two images, the second is an encrypted image of the first image, and as we can see, the patterns existing in the ciphertext which makes ECB mode unsafe for use:
CBC mode (Cipher Block Chaining)
This mode is one of the most commonly used mode of encryption. In this mode of encryption, the plaintext is XORed with the ciphertext of the previous block before giving as an input to the block cipher. For the first block, plaintext is XORed with an IV (Initialisation Vector) which can be assigned a value as per choice.
The encryption takes place as follows (Assuming the first block has index 1): Ci = Ek(Pi xor Ci-1), C0 = IV
The decryption takes place as follows (Assuming the first block has index 1): Pi = Dk(Ci) xor Ci-1, C0 = IV
Encryption/Decryption in CBC:
CTR mode (Counter Mode)
This mode of encryption converts a block cipher into a stream cipher. Picturised representation of CTR mode of encryption/decryption:
As the picture suggests, a stream of bytes is encrypted using the block cipher encryption algorithm instead of the plaintext bytes being encrypted. The encrypted stream of bytes are then XORed with the plaintext to give the corresponding ciphertext. A point to be noted here is that the stream of bytes for each block should be unique or otherwise it would lead to some serious security issues(Think about what could be the security issues!). That is why we use a counter inside the stream of bytes being encrypted along with a unique string called the nonce. The nonce remains the same for each block, but the counter value increases by 1 for each block. Note that in this mode, there is no need of decryption oracle as the stream of bytes are always being encrypted using the block cipher and then xored. We just have to XOR it with ciphertext/plaintext depending on whether we are going to decrypt/encrypt respectively. Note that for a blocksize of 16 bytes, the first 12 bytes are occupied by nonce followed by 4 bytes of counter.