Symmetric Block Modes

7 minutes
Share the link to this page
You need to purchase the class to view this lesson.
One-time Purchase
List Price:  $139.99
You save:  $40
List Price:  د.إ514.18
You save:  د.إ146.92
List Price:  A$182.11
You save:  A$52.03
List Price:  ৳11,901.15
You save:  ৳3,400.57
List Price:  CA$177.84
You save:  CA$50.81
CHF 89.14
List Price:  CHF 124.80
You save:  CHF 35.66
List Price:  kr862.01
You save:  kr246.30
List Price:  €115.89
You save:  €33.11
List Price:  £103.02
You save:  £29.43
List Price:  HK$1,085.42
You save:  HK$310.14
List Price:  ₹10,242.01
You save:  ₹2,926.50
List Price:  RM565.06
You save:  RM161.46
List Price:  ₦55,462.88
You save:  ₦15,847.67
List Price:  kr1,199.74
You save:  kr342.80
List Price:  NZ$195.88
You save:  NZ$55.97
List Price:  ₱6,726.63
You save:  ₱1,922.03
List Price:  ₨22,557.45
You save:  ₨6,445.44
List Price:  S$186.18
You save:  S$53.20
List Price:  ฿4,211.81
You save:  ฿1,203.46
List Price:  ₺1,046.46
You save:  ₺299.01
List Price:  B$741.01
You save:  B$211.73
List Price:  R2,131.70
You save:  R609.10
List Price:  Лв226.90
You save:  Лв64.83
List Price:  ₩154,585.35
You save:  ₩44,170.40
List Price:  ₪460.36
You save:  ₪131.54
Already have an account? Log In


Symmetric block mode encryption is the cornerstone of pretty much everything we do in terms of encryption on the internet. And it works really well. And it's very, very robust. But block encryption has a problem. Now what I'm going to use is a AES encryption as an example here. But what we're going to do is set up a little diagram.

And I want to show you one little problem with block encryption. So let's start off by setting up a little encryption machine. So I want to start off our diagram, here's in the upper right hand corner. Let's make like a little conveyor belt of ones and zeros that are coming out to be encrypted. Remember, the whole idea of block mode is that it's going to take a chunk of ones and zeros. And it's going to drop it into this encryption Bach, where we apply the key and then it is output as encrypted text and I'm going to make another little conveyor belt here as we show each block.

Now I want you to look through Closely here, so as this runs, you're going to see that we're only grabbing eight ones and zeros at a time. Now, if you've been watching in other episodes, you know that we don't do anything in little eight bit chunks, today's powerful symmetric block encryptions, like AAS are going to be working in an absolute minimum at 64 bit chunks. The reason I'm doing little eight bit chunks is just to make the diagram a little bit easier for you to understand. So the bottom line is, is that with any form of symmetric block mode, if you grab a chunk, and you drop it through your encrypter with the key, and you output it, every time you grab a 64 bit chunk, or whatever the chunk size is, and you keep encrypting it with the same key, you're always going to get the same output.

So this mode, which we call electronic codebook is a bit of a problem in that we run into situations where patterns can appear. Let me give you a great example. This cute kid right here is my little grand niece Maddy. Now what I want to do is take this image and I want to encrypt it. So the problem we run into is that the individual pixels and most images are going to be of a particular size. And it depends on the type of file format, jpg, or whatever you might have.

But what will start happening is, if we encrypt this in ECB mode, it's going to end up looking something like this. Yeah, all the individual pixels are encrypted, but because they're encrypted with the same block size with the same key, they keep coming out absolutely identical. So it may not be a black pixel, it might be a yellow pixel. But the bottom line is, I can still make out Miss Maddie there. So we've got a problem with symmetric block encryption. The problem is, is that we can generate patterns that can actually give away our data.

Now in that example I just showed you, we're using a photograph. So it's pretty easy to make that out. We can run into the same types of problems with voice with databases with all kinds of stuff. The patterns aren't as easy to show in a video, but the same problems exist. So what we do is we don't use ECB mode with our symmetric encryptions. What we do instead is we use different types of what are known as blocked modes to obfuscate the data better.

So there are a number of block modes that are on the exam. So what I want to do is go through each one of them. The basic trick to all of these different block modes is that we're going to encrypt something. And then we're going to use that encryption to help encrypt the next one. So we end up there really kind of like a chain. And they're actually very interesting.

They're all on the exam. So let's go through each and every one of these because you're going to see it, you're ready. The first block mode I want to show you is called cipher Block Chaining, or CBC. So we've got our encryption methodology here. We've got our plain text at this Top, we've got our output text, which is going to be we'll start loaded there at the bottom. And here's our encryption.

But we're going to do something different this time. First of all, we're going to add something called an initialization vector. So here's an initialization vector, it is the same size as the blocks themselves. And what we're going to do is before we encrypt it, we're going to take that first block, and we're going to do an XOR against this initialization vector, then we're going to go ahead and encrypt it and put the encryption output down there. But we're also going to keep another copy. And this is going to be used for the next block.

In that way, what's happening is that we're not going to get the exact same data for every different key because we're actually changing it a little bit every time. Next is cipher feedback. Now with cipher feedback, or CFB, you're going to see it's actually pretty similar to what we just looked at. In this case, though, we're going to take that initialization vector And we're going to go ahead and encrypt it. we encrypt the initialization vector. And then we take the output of that encryption, and we XOR it to the first block.

So here we go ahead and hit outputs. And, and it just gets ex ORed to that first block. So it comes in, we put one copy of the output down onto the ciphertext. And then we go ahead and cycle that output, and use that and we go ahead and encrypt that for the next one. Third is output feedback. Now, with output feedback, what we're going to do is we're going to take one initialization vector, and we're going to go ahead and encrypt that.

We're going to take the output of that encryption, and we're going to XOR it to that first block, then we go ahead and put that output there. Now in this case, what's actually kind of interesting is we just keep using that same initialization vector, CTR, or counter is a little bit different than the others. In this particular case, what we're going to have is A nonce value. Now in this particular example, it's only four bits long. But again, in the real McCoys, it's much bigger than this, and then a counter value that continues to increment in binary. So in this case, what we're going to do is we're going to combine the nonce and the counter, we go ahead and encrypt that.

And then we take the first block of the plaintext and export it to create the first block of ciphertext. The next time we do this, all we do is we increment the counter, so the counter gets incremented. We go ahead and concatenate that to the nonce, we encrypt all that, and then we go ahead and take that and output that to the second block. The power of these different forms of block modes is that they get around this limitation of symmetric block encryptions. So by using anything other than ECB, we should be able to do something like this. So here's my cute little niece Maddie one more time and applying Block mode to it, it should look something like this.

Totally randomized data. For the exam, make sure you're aware of the fact that number one, nobody uses ECB anymore. It's simply not done. There are a number of different block modes out there and different types of crypto systems will take advantage of them, depending on what they need for their particular application.

Sign Up


Share with friends, get 20% off
Invite your friends to TabletWise learning marketplace. For each purchase they make, you get 20% off (upto $10) on your next purchase.