Block Cipher Modes 6.2 Flashcards

1
Q

Block Cipher Mode of Operation

A

Encrypts one fixed-length group of bits at a time, otherwise known as a block. Can provide a method of authentication. The block size is fixed, and not all data will fit perfectly into it. Thus, some modes will require padding before encryption.

2
Q

What is padding?

A

Block cipher algorithms like AES and Triple DES in Electronic Code Book (ECB) and Cipher Block Chaining (CBC) mode require their input to be an exact multiple of the block size. If the plaintext to be encrypted is not an exact multiple of the block size, you need to pad it before encrypting by adding a padding string. When decrypting, the receiving party needs to know how to remove the padding.

3
Q

Padding Methods

A

We need to pad the block with padding bytes to make it up to the required length. There are at least five common conventions:

Pad with bytes all of the same value as the number of padding bytes
Pad with 0x80 followed by zero bytes
Pad with zeroes except make the last byte equal to the number of padding bytes
Pad with zero (null) characters
Pad with space characters

4
Q

Electronic Codebook (ECB)

A

The simplest encryption mode. Too simple for most use cases.

Plaintext > Encryption > Ciphertext. Rinse, repeat.

It’s very easy to see what was being encrypted.

5
Q

Cipher Block Chaining (CBC)

A

Each plaintext block is XORed with the previous ciphertext block. It adds randomization using an Initialization Vector (IV), which is used only for the first block.

6
Q

Counter (CTR)

A

A block cipher mode that acts like a stream cipher. Encrypts successive values of a “counter”. Plaintext can be any size, since it’s part of the XOR.

Counter1 > Encryption > XOR with Plaintext > Ciphertext
Counter2 > Encryption > XOR with Plaintext > Ciphertext
Counter3 > Encryption > XOR with Plaintext > Ciphertext

7
Q

Galois/Counter Mode (GCM)

A

Encryption with authentication. Authentication is part of the block mode, which combines Counter Mode with Galois authentication. It has minimum latency and minimum overhead. It provides very efficient encryption and authentication. Commonly used for packetized data such as network traffic security (wireless, IPsec, SSH, TLS).
