Working mode of block cipher

Source: Internet
Author: User

Application background of block cipher working modes: when the same key is used to encrypt many blocks, a number of security problems can arise. To deal with different situations, different working modes have been developed to enhance the security of the cryptographic algorithm.

1. ECB (Electronic Codebook)

ECB is especially suitable for small amounts of data. For very long messages, or messages with a specific structure, the large amount of repeated content or a fixed leading string gives the cryptanalyst a large number of known plaintext-ciphertext pairs. If the plaintext is not a whole number of blocks, ECB needs padding.

2. CBC (Cipher Block Chaining)

Since each input to the encryption algorithm has no fixed relationship with the plaintext block, repeated plaintext blocks are not visible in the ciphertext. The algorithm requires an initialization vector (IV). As with ECB, a padding mechanism guarantees complete blocks.

3. CFB (Cipher Feedback)

As with OFB and CTR modes, CFB lets the block cipher be used as a stream cipher (in effect, the unit of encryption can be reduced to any size).

  

In this mode, the plaintext is split into s-bit units (generally 8). Decryption rests on the identity a ⊕ b ⊕ b = a. In fact, the decryption principle of this mode is completely unrelated to the symmetric algorithm's own decryption, so decrypting does not use the decryption algorithm corresponding to the symmetric encryption algorithm.

With MSB_s(x) denoting the leftmost s bits of x, encryption and decryption can be described as follows:

C1 = P1 ⊕ MSB_s[E(K, IV)]

P1 = C1 ⊕ MSB_s[E(K, IV)] = P1 ⊕ MSB_s[E(K, IV)] ⊕ MSB_s[E(K, IV)] = P1

In effect, this mode sacrifices computing power in exchange for the form of a stream cipher, and its construction does not match the typical structure of a stream cipher.
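The CFB equations above as an added Python example (not from the original page), with s = 8. The function E is a stand-in for the block cipher's encryption function built from HMAC-SHA256, and the key, IV and message are constructed values; decryption calls only E, never a decryption function.

```python
import hashlib
import hmac

BLOCK = 16  # block size in bytes (128 bits)

def E(key: bytes, block: bytes) -> bytes:
    # Stand-in for the forward block function E(K, .): HMAC-SHA256 truncated
    # to one block. Assumption for this example; use a real cipher in practice.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def cfb8(key: bytes, iv: bytes, data: bytes, decrypt: bool = False) -> bytes:
    """CFB with s = 8 bits: one call to E per byte of data."""
    register = iv                       # shift register starts as the IV
    out = bytearray()
    for unit in data:
        msb = E(key, register)[0]       # MSB_s[E(K, register)], leftmost 8 bits
        result = unit ^ msb             # C = P xor MSB_s, or P = C xor MSB_s
        out.append(result)
        cipher_unit = unit if decrypt else result
        # Shift left by s bits and append the ciphertext unit (the feedback).
        register = register[1:] + bytes([cipher_unit])
    return bytes(out)

def calls_to_E(length: int, s_bits: int) -> int:
    """Block-function calls needed for `length` bytes at feedback size s."""
    return -(-length * 8 // s_bits)     # ceiling division

# Constructed sample values.
KEY = b"constructed demo key"
IV = bytes(range(BLOCK))
MESSAGE = b"CFB needs no padding."      # 21 bytes, not a multiple of 16

if __name__ == "__main__":
    ct = cfb8(KEY, IV, MESSAGE)
    print(ct.hex())
    print(cfb8(KEY, IV, ct, decrypt=True))
    print(calls_to_E(len(MESSAGE), 8), "calls to E at s=8,",
          calls_to_E(len(MESSAGE), 128), "at s=128")
```

The call count is the computing power the mode gives up: 21 calls to E for 21 bytes at s = 8, against 2 calls when whole 128-bit blocks are processed.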

4. OFB (Output Feedback)

The structure of OFB is similar to that of CFB, except that OFB fills the shift register with the output of the encryption function, while CFB fills the shift register with ciphertext units. The other difference is that OFB operates on entire plaintext and ciphertext blocks rather than on s-bit subsets, so no computing power is wasted.

If the last plaintext block is shorter than the block size, no padding is required; this is handled like the shift-and-discard operation of CFB.

OFB also has an initialization vector, and it must be unique for every encryption operation: the intermediate value Oi (inside the dashed line) depends only on K and the initialization vector, so if the initialization vector is not changed, the mode is very susceptible to attack. The initialization vector therefore has to be agreed on or transmitted.

In fact, in OFB only the key and the initialization vector take part in the symmetric encryption. Encryption and decryption are described as follows:

Ci = Pi ⊕ E(K, Oi)

Pi = Ci ⊕ E(K, Oi)

One advantage of OFB is that, because the plaintext blocks do not take part in the symmetric encryption, errors in one ciphertext block do not affect the decryption of other ciphertext blocks.

Its shortcoming follows from the same property: if an attacker changes part of the ciphertext, the change may go undetected, so message integrity is difficult to verify.

OFB has a typical stream cipher structure: the symmetric encryption serves as a method of generating a keystream from the key.
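An added example, not from the original page, showing the two OFB properties described above: reusing the IV under the same key repeats the keystream, and a modified ciphertext decrypts without any error unless a MAC is checked first. E is an HMAC-SHA256 stand-in for the block cipher; the names seal and open_sealed and all sample values are assumptions of this example.

```python
import hashlib
import hmac

BLOCK = 16  # block size in bytes

def E(key: bytes, block: bytes) -> bytes:
    # Stand-in for E(K, .): HMAC-SHA256 truncated to one block (assumption).
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))    # zip stops at the shorter input

def ofb(key: bytes, iv: bytes, data: bytes) -> bytes:
    """OFB encryption and decryption are the same operation."""
    register, out = iv, bytearray()
    for i in range(0, len(data), BLOCK):
        register = E(key, register)              # depends only on K and the IV
        out += xor(data[i:i + BLOCK], register)  # short last block: no padding
    return bytes(out)

def seal(enc_key, mac_key, iv, plaintext):
    """Encrypt-then-MAC: the tag covers the IV and the ciphertext."""
    ct = ofb(enc_key, iv, plaintext)
    return ct, hmac.new(mac_key, iv + ct, hashlib.sha256).digest()

def open_sealed(enc_key, mac_key, iv, ct, tag):
    expected = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext or IV was modified")
    return ofb(enc_key, iv, ct)

# Constructed sample values.
K, MAC_K, IV = b"demo enc key", b"demo mac key", bytes(BLOCK)
P1 = b"OFB keystream depends on K, IV"
P2 = b"the quick brown fox jumps over"

def iv_reuse_leaks_xor() -> bool:
    # Same K and IV give the same keystream, so it cancels out of C1 xor C2.
    return xor(ofb(K, IV, P1), ofb(K, IV, P2)) == xor(P1, P2)

def flipped_bit_decrypts_to() -> bytes:
    ct = bytearray(ofb(K, IV, P1))
    ct[9] ^= 0x01                                # one ciphertext bit changed
    return ofb(K, IV, bytes(ct))                 # decrypts without any error
```

The changed bit shows up at the same position in the plaintext and nowhere else, which is both the error-isolation advantage and the integrity weakness; open_sealed rejects the same change before decrypting.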

5. CTR (Counter)

The counter has the same length as a plaintext block. It is first initialized to some value and then incremented by 1 for each subsequent message block. When encrypting, the counter is encrypted and then XORed with the plaintext block to obtain the ciphertext block; there is no chaining. The initial counter value must be known when decrypting.

If the last plaintext block is shorter than the block size, no padding is required; this is handled like the shift-and-discard operation of CFB.

Advantages of CTR mode:

1. High hardware efficiency: unlike the three chaining modes, CTR can encrypt and decrypt in parallel.

2. High software efficiency: its parallelism can be fully exploited for parallel computation.

3. Because the encryption and decryption process does not depend on the plaintext or ciphertext, preprocessing can be used to improve efficiency.

4. Any plaintext or ciphertext block can be accessed at random for partial encryption and decryption.
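Advantages 3 and 4 as an added example (not part of the original page): keystream blocks are computed from the counter alone, so they can be prepared before the data exists, and a byte range in the middle of a ciphertext can be decrypted without processing the blocks before it. E is an HMAC-SHA256 stand-in for the block cipher, and read_range, the key, the initial counter and the message are constructed for this example.

```python
import hashlib
import hmac

BLOCK = 16  # block size in bytes

def E(key: bytes, block: bytes) -> bytes:
    # Stand-in for E(K, .): HMAC-SHA256 truncated to one block (assumption).
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def keystream_block(key: bytes, counter0: int, j: int) -> bytes:
    """E(K, counter0 + j): needs no plaintext, so it can be computed in advance."""
    counter = (counter0 + j) % (1 << (8 * BLOCK))   # counter is one block wide
    return E(key, counter.to_bytes(BLOCK, "big"))

def ctr(key: bytes, counter0: int, data: bytes) -> bytes:
    """Encrypt or decrypt a whole message; each block is independent."""
    out = bytearray()
    for j in range(-(-len(data) // BLOCK)):         # ceil(len / BLOCK) blocks
        pad = keystream_block(key, counter0, j)
        chunk = data[j * BLOCK:(j + 1) * BLOCK]     # last chunk may be short
        out += bytes(a ^ b for a, b in zip(chunk, pad))
    return bytes(out)

def read_range(key, counter0, ciphertext, offset, length):
    """Decrypt only ciphertext[offset:offset+length], touching no other block."""
    end = min(offset + length, len(ciphertext))
    first = offset // BLOCK
    pads = b"".join(keystream_block(key, counter0, j)
                    for j in range(first, -(-end // BLOCK)))
    skip = offset - first * BLOCK                   # position inside first block
    return bytes(c ^ p for c, p in zip(ciphertext[offset:end], pads[skip:]))

# Constructed sample values.
KEY = b"constructed demo key"
COUNTER0 = 0x0123456789ABCDEF << 64                 # initial counter value
MESSAGE = bytes(range(100))                         # 6 full blocks + 4 bytes
CIPHERTEXT = ctr(KEY, COUNTER0, MESSAGE)

if __name__ == "__main__":
    print(read_range(KEY, COUNTER0, CIPHERTEXT, 37, 10).hex())
```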

6. XTS-AES mode for block-oriented storage devices

This is a new mode of operation that describes a method of encrypting data on a sector-based device.

The requirements for encrypting stored data (also called data at rest) differ somewhat from those for encrypting transmitted data.

Encryption and decryption of a single block can be described as

  

  

Proof of reversibility:

C = CC ⊕ T = E(K1, PP) ⊕ T = E(K1, P ⊕ T) ⊕ T

P = PP ⊕ T = D(K1, CC) ⊕ T = D(K1, C ⊕ T) ⊕ T

= D(K1, E(K1, P ⊕ T)) ⊕ T = P ⊕ T ⊕ T = P

It is precisely the introduction of the tweak parameter that makes the same plaintext at different storage locations encrypt to different ciphertext.
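An added example, not from the original page, that checks the reversibility proof and the effect of the tweak T: where ECB maps equal plaintext blocks to equal ciphertext blocks, the same plaintext encrypts differently at each storage position. E and D are a toy Feistel permutation standing in for AES, the keys and plaintext are constructed, and the tweak formula T = E(K2, i) ⊗ α^j is the one XTS-AES (IEEE 1619) defines, which this page does not show.

```python
import hashlib

BLOCK = 16  # block size in bytes

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def f(key: bytes, rnd: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def E(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel permutation standing in for AES (assumption, not secure).
    l, r = block[:8], block[8:]
    for rnd in range(4):
        l, r = r, xor(l, f(key, rnd, r))
    return l + r

def D(key: bytes, block: bytes) -> bytes:
    # Inverse of E: undo the rounds in reverse order.
    l, r = block[:8], block[8:]
    for rnd in reversed(range(4)):
        l, r = xor(r, f(key, rnd, l)), l
    return l + r

def tweak(k2: bytes, i: int, j: int) -> bytes:
    """T = E(K2, i) multiplied by alpha^j in GF(2^128), per XTS-AES."""
    t = int.from_bytes(E(k2, i.to_bytes(BLOCK, "little")), "little")
    for _ in range(j):
        t <<= 1                                  # multiply by alpha
        if t >> 128:
            t = (t & ((1 << 128) - 1)) ^ 0x87    # reduce mod x^128+x^7+x^2+x+1
    return t.to_bytes(BLOCK, "little")

def xts_encrypt_block(k1, k2, i, j, p):
    t = tweak(k2, i, j)
    return xor(E(k1, xor(p, t)), t)              # C = E(K1, P xor T) xor T

def xts_decrypt_block(k1, k2, i, j, c):
    t = tweak(k2, i, j)
    return xor(D(k1, xor(c, t)), t)              # P = D(K1, C xor T) xor T

# Constructed sample values: the same plaintext block stored at three positions.
K1, K2 = b"demo data key K1", b"demo tweak key K2"
P = b"A" * BLOCK
POSITIONS = [(7, 0), (7, 1), (8, 0)]             # (i, j) pairs
CIPHERTEXTS = [xts_encrypt_block(K1, K2, i, j, P) for i, j in POSITIONS]
```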

Handling an incomplete final block

If the last block is not full length, the last two blocks are encrypted and decrypted using the ciphertext-stealing technique instead of padding.

As with CTR mode, XTS-AES mode is suitable for parallel execution, but XTS-AES mode contains a time-variant value (parameter i) as well as a counter (parameter j).
