
Bob needs to send a message to Alice and will use AES with one of the five diffe


Question

Bob needs to send a message to Alice and will use AES with one of the five different modes of operation (ECB, CBC, CFB, OFB, CTR). Bob and Alice have already secretly agreed on a key and (if needed) an initialization vector. If the mode of operation allows for advance computations, Alice has plenty of time to do these computations using the key and initialization vector before any ciphertext arrives from Bob. For each of the 5 modes, write a short paragraph that includes the following:

Describe what computations (if any) can be done in advance. Given the advance computations, describe the relative complexity (i.e. speed of computation) for the required computations needed to complete the decryption after the ciphertext is received by Alice. Discuss the need (or not) for padding.

Explanation / Answer

The five standard modes of operation are:

1.> ECB - Electronic Code Book

2.> CBC - Cipher Block Chaining

3.> CFB - Cipher Feedback

4.> OFB - Output Feedback

5.> CTR - Counter

1.> ECB :- It is a mode of operation for a block cipher. The same plaintext value will always result in the same ciphertext value. It is used when a volume of plaintext is separated into several blocks of data and then encrypted independently into other blocks. It supports a separate encryption key for different block types. Advanced Encryption Standard is the most popular symmetric block cipher algorithm. Previously, side-channel attacks have been shown to be effective in breaking the secret keys used with AES. If we want to encrypt plaintext which is not an exact multiple, then we need to do padding before encrypting by adding a padding string. While decrypting, the receiving party needs to know how to remove the padding in an unambiguous manner.

2.> CBC:- It is a block of operation for a block cipher. A block cipher is one in which a sequence of bits is encrypted as a single unit or block. Cipher block chaining is used as an initialization vector at a certain length. The initialization vector should be different for two messages encrypted with the same key. It provides data confidentiality for energy-constrained devices. If our data is smaller than the block size, then we pad our plaintext so that its size matches the block size. But these modes of operation are still using the underlying block cipher to encrypt data, which means they can only encrypt a multiple of the block size. Hence, we can say there are multiple methods to pad data.

3.> CFB :- It is a mode of operation which defines how multiple blocks are encrypted. It is used the same way no matter what encrypt function is used in the middle. The cool thing about this is that we can easily decrypt arbitrary data in the middle of the stream. Typical attacks against stream ciphers also work. The block cipher is used in encryption mode at both ends to yield a pseudo-random bitstream. In CFB, an error propagates for several blocks after the error. Padding is not required as ciphertext is always the same length as the plaintext and a padding method is not applicable.

4.> OFB:- It has some similarities to the ciphertext feedback mode in that it permits encryption of different block sizes, but has the key difference that the output of the encryption block function is the feedback. The XOR value of each plaintext block is created independently of both the plaintext and the ciphertext. This mode is used when there can be no tolerance for error propagation. Here feedback is independent of the message. It is more vulnerable to message stream modification. Sender and receiver always remain in sync. In this mode of operation we present only its ECB and CBC modes, which require the last block to be padded before encryption. Padding is not required as ciphertext is always the same length as the plaintext and a padding method is not applicable.

5.> CTR:- A new mode, proposed early on. It is similar to OFB but encrypts a counter value rather than any feedback value. It must have random access to encrypted data blocks and provides more security than other modes. It never uses key/counter value, otherwise it can also break. It can do parallel encryptions in hardware and software. It is good for bursty high-speed links. Padding is not required as ciphertext is always the same length as the plaintext and a padding method is not applicable.
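
The advance-computation part of the question, worked through for the three modes that only run the cipher in the forward direction (OFB, CTR, CFB). This is an added example, not part of the original answer: HMAC-SHA256 truncated to 16 bytes stands in for AES block encryption so it runs on the Python standard library, and the key, IV, nonce, message and function names are constructed for illustration.

```python
import hashlib, hmac

BLOCK = 16  # AES block size in bytes

def E(key, block):
    # ASSUMPTION: stand-in for AES block encryption; these modes never need the inverse
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))  # truncates to the shorter input

def ofb_pad(key, iv, nblocks):
    # O_1 = E(IV), O_i = E(O_{i-1}): depends on key and IV only, never on the message
    pad, state = b"", iv
    for _ in range(nblocks):
        state = E(key, state)
        pad += state
    return pad

def ctr_pad(key, nonce, nblocks, start=0):
    # Block i is E(nonce || counter_i); blocks are independent (parallel, random access)
    return b"".join(E(key, nonce + (start + i).to_bytes(8, "big")) for i in range(nblocks))

def cfb_encrypt(key, iv, pt):
    ct, prev = b"", iv
    for i in range(0, len(pt), BLOCK):
        prev = xor(pt[i:i + BLOCK], E(key, prev))  # C_i = P_i xor E(C_{i-1})
        ct += prev
    return ct

def cfb_decrypt(key, ct, first_pad):
    # Only E(IV) can be prepared in advance; each later pad needs the previous ciphertext block
    pt, pad = b"", first_pad
    for i in range(0, len(ct), BLOCK):
        pt += xor(ct[i:i + BLOCK], pad)
        pad = E(key, ct[i:i + BLOCK])
    return pt

# Constructed sample values (not from the page)
KEY, IV, NONCE = b"constructed demo key", bytes(range(16)), bytes(8)
MSG = b"Meet at the library at noon, Alice. -- Bob"  # 42 bytes, not a multiple of 16
# Alice, before any ciphertext arrives: everything that needs only the key and IV
OFB_READY, CTR_READY, CFB_READY = ofb_pad(KEY, IV, 8), ctr_pad(KEY, NONCE, 8), E(KEY, IV)

# Bob encrypts; no padding, so each ciphertext is exactly len(MSG) bytes
CT_OFB = xor(MSG, ofb_pad(KEY, IV, 3))
CT_CTR = xor(MSG, ctr_pad(KEY, NONCE, 3))
CT_CFB = cfb_encrypt(KEY, IV, MSG)
# Alice, after arrival: OFB and CTR are one XOR; CFB still needs one E() per block
print(xor(CT_OFB, OFB_READY), xor(CT_CTR, CTR_READY), cfb_decrypt(KEY, CT_CFB, CFB_READY))
```

ECB and CBC are not shown because their decryption runs the block cipher's inverse on each received ciphertext block, which the stand-in function here cannot provide.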