Cryptography - Block Cipher


A Block cipher is a cipher where the unit of process is a block.

A family of functions and their inverse functions that is parameterized by cryptographic keys.

The functions map bit strings of a fixed length to bit strings of the same length

The specifications of the block cipher and algorithms and the modes are public, so the security of the mode depends, at a minimum, on the secrecy of the key.

Cryptographic Key

see Cryptography - Key


For any given key, the underlying block cipher algorithm of the mode also consists of two functions that are inverses of each other.


These two functions are often called:

Forward Cipher Function (Forward Cipher Operation)

One of the two functions of the block cipher algorithm that is selected by the cryptographic key.

Inverse Cipher Function (Inverse Cipher Operation)

The function that reverses the transformation of the forward cipher function when the same cryptographic key is used.

Input / Output

The inputs and outputs of both functions are called input blocks and output blocks. The input and output blocks of the block cipher algorithm have the same bit length, called the block size.


The input to the encryption processes of the CBC, CFB, and OFB modes includes:

  • the plaintext, represented as a sequence of bit strings (for all modes)
  • a data block called the initialization vector (IV). The IV is used in an initial step in the encryption of a message and in the corresponding decryption of the message.


Input Block

An Input Block is a data block that is an input to either the forward cipher function or the inverse cipher function of the block cipher algorithm.

Output Block

A data block that is an output of either the forward cipher function or the inverse cipher function of the block cipher algorithm.

Confidentiality Mode

Confidentiality Mode: a mode that is used to encipher plaintext and decipher ciphertext.

The confidentiality modes in the recommendation are the:


Mode of Operation (Mode)

An algorithm for the cryptographic transformation of data that features a symmetric key block cipher algorithm.

A mode of operation describes how to repeatedly apply a cipher's single-block operation.

The modes may be used in conjunction with any symmetric key block cipher algorithm.

Block cipher modes operating :

  • on block as a whole require that the last part of the data be padded to a full block if it is smaller than the current block size.
  • on block as a stream cipher does not require padding. See wiki/Stream_cipher

See wiki/Block_cipher_mode_of_operation


approved modes of operation by the US National Institute of Standards and Technology (NIST)

Recommendations regarding modes of operation of symmetric key block ciphers. See SP800-38A

  • Electronic Codebook (ECB),
  • Cipher Block Chaining (CBC),
  • Cipher Feedback (CFB),
  • Output Feedback (OFB),
  • Counter (CTR)


The XTS-AES mode was designed for the cryptographic protection of data on storage devices that use fixed length data units.


ECB - Electronic Codebook




CTS: ciphertext stealing


Cipher Block Chaining


Cipher Feedback

In the CFB mode, Data Segment (Segment) is a sequence of bits whose length is a parameter that does not exceed the block size.


Output Feedback.

Documentation / Reference

Discover More
Block Cipher - Padding

Padding fill the last block of a file to be processed by a block cipher. For the , , and modes, the plaintext must be a sequence of one or more complete data blocks (or, for CFB mode, data segments)....
Crypto - initialization vector (IV) or starting variable (SV)

Most block cipher modes require a unique binary sequence, often called an initialization vector (IV), for each encryption operation. same as salt ? An initialization vector (IV) is a data block that...
Cryptography - Advanced Encryption Standard (AES)

AES is a symmetric block cipher with a block size of 128-bit (16 octets) . Advanced_Encryption_Standard

Share this page:
Follow us:
Task Runner