Cipher Block Chaining (CBC)

From CryptoWiki
Jump to: navigation, search

(CBC) Cipher Block Chaining - one of symmetric encryption schemes with feedback use. Each block of a clear text (except the first) is added (modulo 2 addition, XOR) bit-by-bit to result of the previous encryption. Encrypting the first block, the vector of initialization (IV) is used. It is coordinated by the sender and the recipient before encrypting/decrypting process begins.

There are some different modifications of this scheme:

  • (BC) block chaining
  • Cipher Block Chaining with random IV (initialization vector)
  • Cipher block chaining with checksum
  • Propagating cipher block chaining
  • Cipher block chaining of plaintext difference


Contents

Security challenge

The main feature of this scheme of encryption is that identical blocks of the clear text belongs to one message, are ciphered into various blocks of cipher text.

Here are the main characteristics of this scheme:

  • If one bit of the transfered message will be corrupted, it will damage the one more following block. Other blocks would be safe.
  • In case of loss or an insert at least one bit into cipher text, there will be a shift of bits and borders of blocks that will lead to a wrong decryption of all subsequent blocks of cipher text
  • The malefactor can add blocks by the end of the ciphered message, supplementing with that a clear text
  • Two identical messages have identical cipher texts if the same initialization vector (initialization vector (IV)) was used.

Theoretical issues

The flowchart of work of the CBC scheme

Mathematically encrypting process can be described as follows:

Encryption: CBC 1.PNG

Decryption: CBC 2.PNG

where ECB 2.PNG is the clear text, Mi.PNG – blocks of clear text, N-bit each, t – the whole number of blocks of clear text, ECB 3.PNG – blocks of ciphertext corresponding to blocks of clear text Mi.PNG, Ek.PNG and Dk.PNG – encryption/decryption schemes on the key k, IV – initialization vector.

Let's prove that encryption and deccryption lead to one clear text:

CBC 3.PNG

CBC CTS (CipherText Stealing)

The flowchart of work of the scheme in the CBC CTS mode

The last block of the clear text (number t) can contain less than N bits. In that case it is necessary to supplement it, what isn't always possible. In that case it is reasonable to apply CTS (CipherText Stealing) scheme which allows to use the CBC mode without supplementing extra bits to clear text to make it divisible by N (just as ECB CTS).

Practical issues

The flow chart of DES in CBC mode

The symmetric encryption schemes CBC is often used for encrypting messages. However parallel processing is impossible because of feature of work as the mechanism of formation of a chain is used. For the same reason the scheme of CBC don't use when enciphering arrays of files with direct access (databases). Rather often the scheme of CBC is applied to establishing authenticity of the message (signature).

Let's talk about DES algorithm in CBC mode in more detail:

the initial file M, according to the scheme of CBC, splits into blocks on 8 bytes (64 bits). Each block of a clear text (except the first) is added (modulo 2 addition, XOR) bit-by-bit to result of the previous encryption. Encrypting the first block, the vector of initialization (IV) is used. It is coordinated by the sender and the recipient before encrypting/decrypting process begins.

Глоссарий (Glossary)

Bibliography

Symmetric encryption schemes bibliography

References to other issues about Symmetric_encryption_schemes: References to other issues about Symmetric_encryption_schemes:

  1. (ECB) Electronic Code Book
  2. (CBC) Cipher Block Chaining
  3. (BC) block chaining
  4. (CFB) Cipher Feed Back
  5. (OFB) Output Feed Back