About
A Block cipher is a cipher where the unit of process is a block.
A family of functions and their inverse functions that is parameterized by cryptographic keys.
The functions map bit strings of a fixed length to bit strings of the same length
The specifications of the block cipher and algorithms and the modes are public, so the security of the mode depends, at a minimum, on the secrecy of the key.
Cryptographic Key
Function
For any given key, the underlying block cipher algorithm of the mode also consists of two functions that are inverses of each other.
Name
These two functions are often called:
- and decryption.
Forward Cipher Function (Forward Cipher Operation)
One of the two functions of the block cipher algorithm that is selected by the cryptographic key.
Inverse Cipher Function (Inverse Cipher Operation)
The function that reverses the transformation of the forward cipher function when the same cryptographic key is used.
Input / Output
The inputs and outputs of both functions are called input blocks and output blocks. The input and output blocks of the block cipher algorithm have the same bit length, called the block size.
Input
The input to the encryption processes of the CBC, CFB, and OFB modes includes:
- the plaintext, represented as a sequence of bit strings (for all modes)
- a data block called the initialization vector (IV). The IV is used in an initial step in the encryption of a message and in the corresponding decryption of the message.
Block
Input Block
An Input Block is a data block that is an input to either the forward cipher function or the inverse cipher function of the block cipher algorithm.
Output Block
A data block that is an output of either the forward cipher function or the inverse cipher function of the block cipher algorithm.
Confidentiality Mode
Confidentiality Mode: a mode that is used to encipher plaintext and decipher ciphertext.
The confidentiality modes in the recommendation are the:
Mode
Mode of Operation (Mode)
An algorithm for the cryptographic transformation of data that features a symmetric key block cipher algorithm.
A mode of operation describes how to repeatedly apply a cipher's single-block operation.
The modes may be used in conjunction with any symmetric key block cipher algorithm.
Block cipher modes operating :
- on block as a whole require that the last part of the data be padded to a full block if it is smaller than the current block size.
- on block as a stream cipher does not require padding. See wiki/Stream_cipher
Approved
approved modes of operation by the US National Institute of Standards and Technology (NIST)
Recommendations regarding modes of operation of symmetric key block ciphers. See SP800-38A
- Electronic Codebook (ECB),
- Cipher Block Chaining (CBC),
- Cipher Feedback (CFB),
- Output Feedback (OFB),
- Counter (CTR)
- XTS-AES
XTS-AES
The XTS-AES mode was designed for the cryptographic protection of data on storage devices that use fixed length data units.
ECB
ECB - Electronic Codebook
CTR
CTS
CTS: ciphertext stealing
CBC
Cipher Block Chaining
CFB
Cipher Feedback
In the CFB mode, Data Segment (Segment) is a sequence of bits whose length is a parameter that does not exceed the block size.
OFB
Output Feedback.