Block ciphers are cryptographic algorithms that encrypt fixed-size blocks of data
A cryptographic mode of operation for a block cipher describes the different ways that cryptographic algorithm may transform data to achieve sufficient complexity that offer protection against attacks.
This post features cryptographic modes of operation for block cipher.
List of Cryptographic Modes of Operation
Cryptographic modes of operation featured on this post:
- Electronic Code Book (ECB)
- Cipher Block Chaining (CBC)
- Cipher Feedback (CFB)
- Output Feedback (OFB)
- Counter (CTR)
- Galois/Counter (GCM)
- Counter with Cipher Block Chaining Message Authentication Code (CCM)
ECB
Electronic Code Book (ECB): In ECB mode, each block of plaintext is encrypted independently with the same key, which can lead to security vulnerabilities if identical plaintext blocks are present in the input, as they’ll produce identical ciphertext blocks.
CBC
Cipher Block Chaining (CBC): In CBC mode, each plaintext block is XORed with the previous ciphertext block before encryption, adding an element of diffusion to the encryption process. Additionally, an initialization vector (IV) is used to initialize the first block’s encryption.
CFB
Cipher Feedback (CFB): CFB mode allows block ciphers to be used to encrypt plaintext of any length, not just blocks. It operates by encrypting an IV, then XORing the result with the plaintext to produce the ciphertext. This ciphertext is then encrypted to produce the next XOR input.
OFB
Output Feedback (OFB): OFB mode is similar to CFB but instead of encrypting plaintext to produce the XOR input, it encrypts the IV to produce a key stream, which is then XORed with the plaintext to produce the ciphertext.
CTR
Counter (CTR): CTR mode turns a block cipher into a stream cipher. It generates a key stream by encrypting successive values of a counter and XORs this key stream with the plaintext to produce the ciphertext.
GCM
Galois/Counter (GCM): GCM mode provides both confidentiality and authentication. It combines the counter mode of operation with the Galois/Counter Mode (GCM) authenticated encryption algorithm.
CCM
Counter with Cipher Block Chaining Message Authentication Code (CCM): CCM mode combines counter mode for encryption with CBC-MAC for authentication. It’s often used in constrained environments like IoT devices due to its efficiency.
You might also be interested in…
External Resources
- “CISSP Official Study Guide Ninth Edition”, Mike Chaple, James Michael Stewart, Darril Gibson; Sybex; 2021; Chapters 6 “Cryptography and Symmetric Key Algorithms”, pp. 245-246