A family of functions and their inverse functions that is parameterized by cryptographic keys.
The functions map bit strings of a fixed length to bit strings of the same length
The specifications of the block cipher and algorithms and the modes are public, so the security of the mode depends, at a minimum, on the secrecy of the key.
Forward Cipher Function (Forward Cipher Operation)
One of the two functions of the block cipher algorithm that is selected by the cryptographic key.
Inverse Cipher Function (Inverse Cipher Operation)
The function that reverses the transformation of the forward cipher function when the same cryptographic key is used.
The input to the encryption processes of the CBC, CFB, and OFB modes includes:
- the plaintext, represented as a sequence of bit strings (for all modes)
- a data block called the initialization vector (IV). The IV is used in an initial step in the encryption of a message and in the corresponding decryption of the message.
An Input Block is a data block that is an input to either the forward cipher function or the inverse cipher function of the block cipher algorithm.
A data block that is an output of either the forward cipher function or the inverse cipher function of the block cipher algorithm.
Confidentiality Mode: a mode that is used to encipher plaintext and decipher ciphertext.
The confidentiality modes in the recommendation are the:
approved modes of operation by the US National Institute of Standards and Technology (NIST)
Recommendations regarding modes of operation of symmetric key block ciphers. See SP800-38A
- Electronic Codebook (ECB),
- Cipher Block Chaining (CBC),
- Cipher Feedback (CFB),
- Output Feedback (OFB),
- Counter (CTR)
The XTS-AES mode was designed for the cryptographic protection of data on storage devices that use fixed length data units.
ECB - Electronic Codebook
CTS: ciphertext stealing
Cipher Block Chaining
In the CFB mode, Data Segment (Segment) is a sequence of bits whose length is a parameter that does not exceed the block size.