Block Ciphers - Mode of Operation (Part 1)

Block ciphers have several modes of operation and each mode works in a specific way. Each mode of operation has its own utility and performs well under specific circumstances. Sometimes you may find that there is a trade-off between security and convenience when one of the modes is implemented.

For the CISSP exam, we need to learn about the following 5 modes of operation.

Electronic Code Book (ECB)
Cipher Block Chaining (CBC)
Cipher Feedback (CFB)
Output Feedback (OFB)
Counter Mode (CTR)

In part 1 of this blog post, we will learn about ECB, CBC and CFB mode. The next part will cover the OFB and CTR modes.

Electronic Code Book Mode

It’s important to understand the meaning of KEY before any of the modes is understood. KEY is not a password that protects your information. A key is basically instructions for the use of a codebook that dictates how a block
of text will be encrypted and decrypted. It’s not the codebook itself, just the instructions on how to use that codebook.

Coming back to ECB, this mode operates in a simple “What goes in is what comes out” fashion. A 64-bit data block is entered into the algorithm with a key, and a block of ciphertext is produced. For a given block of plaintext and a given key, the same block of ciphertext is always produced. There may be some messages that are are not 64 bit long hence ECB embeds padding ( extra redundant bits) to solve the problem.

The diagram below explains the ECB mode.
The ECB mode as it can be deduced involves the use of the same key in all the iterations which it undertakes. Since the same key is used every time, it results in the same code block as the output for every iteration. Simply stated, a block of plaintext and a key will always give the same ciphertext. This means that if the word “CISSP” were encrypted and the resulting ciphertext was “Ericss1n,” each time it was encrypted using
the same key, the same ciphertext would always be given.

So, two bad things can happen here: an attacker could uncover the key and thus have the key to decrypt all the blocks of data, or an attacker could gather the ciphertext and plaintext of each block and build the codebook that was used, without needing the key. While the ECB mode is the easiest to use, it also has the security issues associated with it as pointed out above.

The crux of the problem is that there is not enough randomness to the process of encrypting the independent blocks, so if this mode is used to encrypt a large amount of data, it could be cracked more easily than the other modes that block ciphers can work in. It is important to note that the issue only arises with large chunks of data. Take an example to understand this - Say you just have 48 bits of data that needs to be encrypted. You use the ECB mode and you get just one block of encrypted data. The hacker will not be able to make any deduction as multiple code blocks have not been generated. If the case was to encrypt 1024 bits of data, around 16 blocks would be generated which will be sufficient to identify the key or the message. Hence ECB mode is put to use to encrypt small amounts of data, such as PINs, challenge-response values in authentication processes, and encrypting keys. ECB is also the fastest modes of operation as compared to others.

ECB mode does not use chaining. This simply means that the second code block is independent of the first block that is generated and so on. Thi independence results in the following advantages when this mode of operation is put to use:

  1. Operations can be run parallelly thereby reducing processing time.
  2. Errors are not carried forward as chaining is not implemented.

Cipher Block Chaining Mode 

The CBC mode helps solve the problem of the ECB mode where if a block is encrypted using the key, it would result in the same message every time until the key is changed. This means if the text “CISSP” is encrypted using CBC mode the first time, it would result in “NCY68$” while in the second case may result in “WD#^%%Y”. How does this happen?

The diagram below helps us understand :
A new hero is introduced in the CBC mode - IV or initialization vector. The IV is the star of the show as it helps to bring the randomness that was missing out from the ECB mode. Notice that the key is still the same in all the blocks but each block is now chained to the other one.

Let’s understand the operation in detail. A block of plain text is XORed with the IV. The key is then fed to the mode of operation to produce the encrypted block. This encrypted block acts as the IV for the next block and hence at any point of time, you will not receive the same encrypted text from the same plain text.

Even if the key remains the same for subsequent operations, you can still bring in randomness by just changing the IV. However, there is one drawback in this mode which is error introduction due to chaining. If an error gets introduced in one of the blocks, it will continue until the end as the output acts as the input for the next block.
The CBC mode is ideal when large chunks of data need to be sent across.

Cipher Feedback Mode

Imagine you are having a chat on Google Hangouts with one of your friends. You want the information that is sent across to be encrypted. Now this is an interesting case as the data that needs to be encrypted is neither very small - ECB mode or large - CBC mode (64 bits). The data also flows in a way as it is a stream of data rather than one complete block. To help solve this problem, the CFB mode comes to our rescue.

This is detailed here:
The IV brings randomness and along with the key is fed to the encryption code block. The result is then XORed with the plain text to produce the ciphertext. The encrypted text acts as the IV for the next block of operation.

In the next blog post, we will cover the remaining two modes of operations.
What are your thoughts on these modes? The comments section is just the place for it…

Comments

You may also like to read...

Access Control Models - DAC, MAC, RBAC , Rule Based & ABAC

Understanding Security Modes - Dedicated , System high, Compartmented , Multilevel

Identification, Authentication, Authorization, and Accountability