Block Ciphers - Mode of Operation (Part 2)


In the previous blog post, we learnt about the Electronic Code Book (ECB), Cipher Block Chaining (CBC) and Cipher Feedback (CFB) modes of operation. While the ECB mode has been made for very small blocks, the CBC mode works the best with large blocks and the CFB stands somewhere in the middle with handling mainly streams of data.

In this blog post, we will learn about the remaining modes of operation. So strap in and let’s get going.

Output Feedback (OFB)

To appreciate and better understand the OFB mode’s operations, we need to relook at what was offered by the Cipher Feedback mode (CFB). To reiterate, let’s look at the diagram of the CFB mode.



Here, the ciphertext from the previous block is used to encrypt the next block of plaintext. If a bit in the first ciphertext gets corrupted, then this corruption can get carried on. Now let’s look at how the output feedback mode. It looks at extremely similar to the CFB mode , the only difference is that the values used to encrypt the next block of plaintext are coming directly from the keystream, not from the resulting ciphertext.

If you need to encrypt something that would be very sensitive to these types of errors, such as digitized video or digitized voice signals, you should not use CFB mode.

You should use OFB mode instead, which reduces the chance that these types of bit corruptions can take place. So Output Feedback Mode (OFB) is a mode that a block cipher can work in when it needs to emulate a stream because it encrypts small amounts of data at a time, but it has a smaller chance of creating and extending errors throughout the full encryption process.

Counter Mode (CTR Mode)

Just take the OFB mode and make the IV as a different one for every iteration. Here comes the counter aspect. This mode uses an IV counter that increments for each plaintext block that needs to be encrypted.

There is no chaining involved here. Since no chaining is involved, there is no danger of corruption and in addition to it, parallel processing can be done which increases the performance considerably.

CTR mode has similar characteristics to OFB but also allows a random access property during decryption. CTR mode is well suited to operate on a multi-processor machine where blocks can be encrypted in parallel. Furthermore, it does not suffer from the short-cycle problem that can affect OFB.

Comments

You may also like to read...

Access Control Models - DAC, MAC, RBAC , Rule Based & ABAC

Understanding Security Modes - Dedicated , System high, Compartmented , Multilevel

Identification, Authentication, Authorization, and Accountability