Modes of Block Cipher

1 8/12/2025
2 8/12/2025
 Block Cipher
⚫ Encryption algorithms categories based on
input : block cipher , stream cipher

⚫ A block cipher is an encryption algorithm

--takes a fixed-size input (b bits) and produces
a ciphertext of b bits.

⚫ If the input is larger than b bits, it can be

divided further.

3 8/12/2025
4 8/12/2025
 Block Cipher Modes of Operation
⚫ Symmetric-key encryption can be

done using modern block ciphers.

⚫ Block Cipher Modes of Operation are methods

that determine how to encrypt and decrypt

large amounts of data securely using block
ciphers

5 8/12/2025
 Modes of Operations

6 8/12/2025
 Mode How It Works Application Areas
- Encrypting small, random data
Each block encrypted
like keys in a key database.-
independently. Identical plaintext
1. Electronic Codebook (ECB) Digital watermarking where
blocks produce identical ciphertext
identical data patterns are
blocks.
acceptable.
Each plaintext block is XORed
- File encryption (e.g., OpenSSL
with the previous ciphertext block
2. Cipher Block Chaining (CBC) AES-CBC).- Database
before encryption. Requires an
encryption for structured data.
Initialization Vector (IV).

- Secure communication
Turns a block cipher into a stream
streams (SSH, Telnet).-
3. Cipher Feedback (CFB) cipher; encrypts IV, then XORs
Error-prone channels where bit
with plaintext.
errors must not propagate too far.
- Satellite communication.-
Similar to CFB but the keystream
Wireless links where
4. Output Feedback (OFB) is generated independently of the
precomputed keystreams help
plaintext.
reduce latency.

Uses an incrementing counter - High-speed VPNs.- Disk

encrypted to produce a encryption (BitLocker,
5. Counter Mode (CTR)
keystream, then XOR with TrueCrypt).- Database field
plaintext. Parallelizable. encryption.

7 8/12/2025
 Why a particular mode is chosen for a
particular application
⚫ Modes of operation decide how multiple
blocks are linked together and how to handle
messages longer or shorter than the block size.

Different applications have different needs

-refer next slide

8 8/12/2025
 Different applications have different needs

Application Requirement Best-Fit Mode(s) Why This Mode Fits

Allows encrypting/decrypting
Random-access storage
XTS-AES, CTR individual blocks without
encryption (e.g., disk sectors)
touching the rest of the file.

Network communication (e.g., GCM, CCM (authenticated Ensures confidentiality and

TLS, VPN) modes) integrity in one step.

File encryption (e.g., backups, Good for bulk data, can

CBC, GCM
archives) handle large files securely.

No need to wait for previous

Low-latency streaming CTR, OFB
block to finish; parallelizable.

Allows encryption of individual

Database field encryption CTR, GCM
fields without breaking others.

9 8/12/2025
 Electronic Codebook Mode (ECB)

Plaintext is divided into N blocks of size n-bits

10 8/12/2025
 Security Issues
⚫ Advantages of using ECB
⚫ Parallel encryption of blocks of bits is possible, thus
it is a faster way of encryption.
⚫ Simple way of the block cipher.
⚫ Disadvantages of using ECB
⚫ Prone to cryptanalysis since there is a direct
relationship between plaintext and ciphertext.
⚫ Identical plaintext blocks produce identical
ciphertext blocks, which can reveal patterns.

11 8/12/2025
 Error Propagation
⚫ A single bit error in transmission can

create errors in several bits in the

corresponding block.

⚫ However, the error does not have any

effect on the other blocks.

12 8/12/2025
 Applications
⚫ One area where the independency of the

cipher text block is useful where records

need to be encrypted before they are stored
in the database or decrypted before they are
retrieved.

⚫ Because order of encryption and decryption

of blocks is not important in this mode.

13 8/12/2025
Cipher Block Chaining Mode (CBC)

14 8/12/2025
 Initialization Vector (IV)
⚫ The initialization vector (IV) should be

known by the sender and the receiver.

Although keeping the vector secret is not
necessary, the integrity of the vector plays
an important role in the security of CBC
mode; IV should be kept safe from change.

⚫ A pseudorandom number can be selected

by the sender and transmitted through a

15 secure channel as the IV. 8/12/2025
 Security Issues
⚫ Patterns at the block levels are not preserved. Equal
plaintext blocks belonging to the same message are
enciphered into different ciphertext blocks. However, if
two messages are equal, their encipherment is the same
if they use the same IV. Hence different IVs must be
different. For this reason, some people recommend the
use of a timestamp as an IV.

⚫ Attacker can add some ciphertext blocks to the end of

the ciphertext stream.

16 8/12/2025
 Error Propagation
⚫ In CBC mode, a single bit error in ciphertext block

Cj during transmission may create error in most

bits in plaintext block Pj during decryption.

⚫ However, this single error toggles only one bit in

plaintext block Pj+1.

⚫ Plaintext blocks Pj+2 to PN are not affected by this

single bit error.

⚫ A single bit error in ciphertext is self-recovered.

17 8/12/2025
 Applications
⚫ Used to encipher messages.

⚫ Because of chaining process, parallel

processing is not possible.

⚫ CBC is not used to encrypt and decrypt

random access file records because

encryption and decryption require access to
previous records.

18 8/12/2025
 Cipher Feedback Mode (CFB)

19
8/12/2025
 Security Issues
⚫ The patterns at the block level are not
preserved.
⚫ More than one message can be encrypted
with the same key, but the value of the IV
should be changed each time for each
message.
⚫ Eve can add some ciphertext block to the end
of the ciphertext stream.

20 8/12/2025
 Error Propagation
⚫ In CFB, a single bit error in ciphertext block

Cj during transmission creates a single bit

error in plaintext block Pj.

⚫ However, most of the bits in the following

plaintext blocks are in error as long as some

bits of Cj are still in the shift register.

⚫ After the shift register is totally refreshed,

the system recovers from the error.

21 8/12/2025
 Applications
⚫ CFB mode of operation can be used to

encipher blocks of small size such as one

character or one bit at a time.

22 8/12/2025
 Output Feedback Mode (OFB)

23 8/12/2025
 Security Issues
⚫ Patterns at the block level are not

preserved.

⚫ Any change in the ciphertext affects the

plaintext decrypted at the receiver side.

24 8/12/2025
 Error Propagation
⚫ Each bit in the ciphertext is independent

of the previous bits.

⚫ Thus error propagation is avoided.

⚫ A single error in the ciphertext affects only

the corresponding bit in the plaintext.

25 8/12/2025
 Counter Mode (CTR)

CTR does not use Feedback.

26 8/12/2025
 Security Issues and Error
Propagation
⚫ The security issues for the CTR mode are

the same as the those for OFB mode.

⚫ A single error in the ciphertext affects only

the corresponding bit in the plaintext.

27 8/12/2025
 Comparison

28 8/12/2025