Explain the working principle, advantages and disadvantages, and application scenarios of the ECB mode.
Explain the working principle, advantages and disadvantages, and application scenarios of the CBC mode.
Describe the working principle, advantages and disadvantages, and application scenarios of the CFB mode.
Explain the working principle, advantages and disadvantages, and application scenarios of OFB mode.
Summarize and give suggestions for mode selection.
Why modes are needed
To encrypt plaintext of arbitrary length, a block cipher has to be applied iteratively, block by block. There are many block cipher modes, and if the mode is chosen badly, the confidentiality of the plaintext cannot be fully guaranteed.
Basic concepts of block ciphers and stream ciphers
Block cipher: divides the plaintext into fixed-length units (usually 128 bits or 64 bits) and encrypts them one at a time. Each unit is called a block.
Stream cipher: an encryption algorithm that processes a data stream continuously, encrypting bit by bit or byte by byte; suitable for encrypting data streams.
What is a mode
A mode is the iterative algorithm applied to a block cipher.
For example, DES is often used in ECB mode. ECB splits the plaintext into blocks and encrypts them one by one. It needs little computation and encrypts and decrypts quickly, but ECB has been shown to be an unreliable mode, so do not use it in production.
Common modes for block ciphers
1. ECB mode (Electronic Codebook mode)
ECB splits the plaintext into blocks and encrypts each block directly to produce the ciphertext blocks.
Working principle:
Split the plaintext into multiple fixed-length blocks.
Each block is encrypted independently.
Advantages:
The calculation is simple and fast.
Supports parallel processing.
Disadvantages:
Identical plaintext blocks produce identical ciphertext blocks, so the pattern and structure of the plaintext are not hidden.
Vulnerable to statistical analysis attacks.
Application scenarios:
Not suitable for encrypting sensitive information and not recommended for production use.
In ECB mode, plaintext blocks and ciphertext blocks correspond one to one: the same plaintext block always yields the same ciphertext block. So although the plaintext cannot be derived directly from the ciphertext, targeted attacks based on the characteristics of the ciphertext are possible.
For example, Bob sent a transfer message to Alice:
Block 1 = Bob's bank account number
Block 2 = Alice's bank account number
Block 3 = transfer amount
Although Eve cannot directly modify the account numbers or the amount (she has no decrypted data), she can launch an attack by swapping block 1 and block 2:
Block 1 = Alice's bank account number
Block 2 = Bob's bank account number
Block 3 = transfer amount
This attack succeeds because ECB does not hide plaintext information.
2. CBC mode (Cipher Block Chaining Mode)
Ciphertext block chaining mode.
Working principle:
The first plaintext block is XORed with the initialization vector (IV) and encrypted to produce the first ciphertext block.
Each subsequent plaintext block is encrypted after being XORed with the previous ciphertext block to generate the corresponding ciphertext block.
Advantages:
It can hide the pattern and structure of plaintext and improve security.
Supports parallel decryption.
Disadvantages:
Encryption does not support parallel processing and must be performed serially.
If a ciphertext block is damaged, decryption of both that block and the next block is affected.
The core of CBC is that the previous ciphertext block is used as an input when the next plaintext block is encrypted. As a result, even identical plaintext blocks give different results once they have been XORed with the previous ciphertext block, which hides the patterns in the plaintext.
But how is the first plaintext block processed? There is no previous ciphertext block, so the value XORed into the first plaintext block would be 0 and the first ciphertext block would degenerate to ECB mode. To avoid this, an initial block is added artificially in place of the missing ciphertext block; this is the initialization vector (IV).
Application scenarios:
Scenarios that require high security and can tolerate serial encryption, such as file encryption.
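The ECB block swap from the transfer example and the CBC chaining described above, as an added example that is not part of the original article. It assumes a toy 4-round Feistel cipher built from HMAC-SHA256 as a stand-in for DES or AES (not secure); the account strings, key, IV and helper names are constructed for illustration.

```python
import hashlib, hmac

BLOCK = 16  # block size in bytes (128 bits)
# Constructed sample: three 16-byte blocks mirroring the transfer message above.
BOB, ALICE, AMOUNT = b"ACCT-BOB-0000001", b"ACCT-ALICE-00002", b"AMOUNT-000001000"
KEY, IV = b"constructed-demo-key", bytes(range(BLOCK))  # a real IV must be random

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def _f(key, rnd, half):  # round function of the toy Feistel cipher (assumption, not secure)
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def enc_block(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in range(4):
        l, r = r, xor(l, _f(key, rnd, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        l, r = xor(r, _f(key, rnd, l)), l
    return l + r

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
def ecb(key, data, block_fn):
    # ECB: every block goes through the cipher independently.
    return b"".join(block_fn(key, b) for b in blocks(data))

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for b in blocks(pt):
        prev = enc_block(key, xor(b, prev))  # previous ciphertext block feeds the next one
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    prevs = [iv] + blocks(ct)
    return b"".join(xor(dec_block(key, c), p) for c, p in zip(blocks(ct), prevs))

def swap_first_two(ct):
    b = blocks(ct)
    return b"".join([b[1], b[0]] + b[2:])

def demo(msg=BOB + ALICE + AMOUNT):
    ecb_out = ecb(KEY, swap_first_two(ecb(KEY, msg, enc_block)), dec_block)
    cbc_out = cbc_decrypt(KEY, IV, swap_first_two(cbc_encrypt(KEY, IV, msg)))
    return ecb_out, cbc_out  # ECB: roles reversed but well-formed; CBC: garbled blocks
```

Under CBC the swapped message decrypts to garbage rather than a clean role reversal, but that is a side effect of chaining, not an integrity check.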
3. CFB mode (Ciphertext Feedback mode)
An improvement to CBC mode
In CFB mode, there is only an XOR between a plaintext block and its ciphertext block. The output of the cryptographic algorithm therefore plays a role somewhat like a one-time pad.
Working principle:
The first plaintext block is XORed with the initialization vector (IV) and encrypted to produce the first ciphertext block.
Each subsequent plaintext block is encrypted after being XORed with the previous ciphertext block to generate the corresponding ciphertext block.
Advantages:
Supports parallel decryption.
Any ciphertext block can be decrypted.
Disadvantages:
Cannot defend against replay attacks.
Application scenarios:
Real-time communication encryption, such as network data transmission.
4. OFB mode (Output Feedback mode)
Output feedback mode. The output of the cryptographic algorithm is fed back into the input of the cryptographic algorithm.
OFB does not pass the plaintext through the cryptographic algorithm; it generates the ciphertext by XORing the plaintext blocks with the output of the cryptographic algorithm. In this respect OFB and CFB are somewhat similar.
Working principle:
The initialization vector (IV) is input into the encryption algorithm, which produces a pseudo-random output.
The plaintext block is XORed with the pseudo-random output to produce a ciphertext block.
The pseudo-random output is fed back to the encryption algorithm to continue generating the next pseudo-random output.
Advantages:
No padding is required.
If the ciphertext contains an erroneous bit, only the corresponding plaintext bit will be erroneous.
Disadvantages:
Parallel decryption is not supported.
There is a risk of bit-flip attacks.
Application scenarios:
Scenarios that require high error tolerance, such as video stream encryption.
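The OFB keystream loop, its bit-level error behaviour and the bit-flip risk listed above, as an added example that is not from the original article; it goes one step beyond the page by checking an HMAC tag over the IV and ciphertext to detect the modification. The function E (HMAC-SHA256 truncated to one block) is an assumed stand-in for a real block cipher's encryption function, and all keys, names and the sample message are constructed.

```python
import hashlib, hmac

BLOCK = 16

def E(key, blk):
    # Assumed stand-in for the block cipher's encryption function.
    # OFB only ever uses the forward direction, for encryption and decryption alike.
    return hmac.new(key, blk, hashlib.sha256).digest()[:BLOCK]

def ofb_keystream(key, iv, n):
    out, state = b"", iv
    while len(out) < n:
        state = E(key, state)  # the output is fed back as the next input
        out += state
    return out[:n]             # no padding: the keystream is cut to the message length

def ofb_xcrypt(key, iv, data):
    # Encryption and decryption are the same XOR with the keystream.
    return bytes(d ^ k for d, k in zip(data, ofb_keystream(key, iv, len(data))))

def seal(enc_key, mac_key, iv, pt):
    ct = ofb_xcrypt(enc_key, iv, pt)
    tag = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    return ct, tag

def open_(enc_key, mac_key, iv, ct, tag):
    expect = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("ciphertext was modified")
    return ofb_xcrypt(enc_key, iv, ct)

def flip(ct, index, mask):
    # Models a transmission error or deliberate change in one ciphertext byte.
    out = bytearray(ct)
    out[index] ^= mask
    return bytes(out)

# Constructed sample values.
ENC_KEY, MAC_KEY, IV = b"constructed-enc-key", b"constructed-mac-key", bytes(range(BLOCK))
MESSAGE = b"AMOUNT=0100"
```

Flipping one ciphertext bit changes exactly the matching plaintext bit when the ciphertext is decrypted without the tag check; `open_` rejects the same ciphertext.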
Mode selection suggestions
ECB mode: Simple and fast, but not secure and not recommended.
CBC mode: Suitable for scenarios with high security requirements, such as file encryption; recommended.
CFB mode: Suitable for real-time communication, supports parallel decryption, but needs to guard against replay attacks.
OFB mode: Suitable for scenarios with high error tolerance requirements, but does not support parallel decryption.