Cryptography Reference
In-Depth Information
s
i
−
1
s
i
C
r
i
⊕
x
i
y
i
Figure 2.9.
CFB mode.
2.2.4 Cipher Feedback (CFB)
The plaintext
x
is split into
x
n
, and the ciphertext
y
is the concate-
nation of blocks which are obtained iteratively. We still have an initial vector IV. As
depicted in Fig. 2.9, the encryption is according to the following rules.
-bit blocks
x
1
,...,
x
=
x
1
||
x
2
||···||
x
n
s
1
=
IV
r
i
=
truncL
(
C
(
s
i
))
y
i
=
x
i
⊕
r
i
s
i
+
1
=
truncR
64
(
s
i
||
y
i
)
y
=
y
1
||
y
2
||···||
y
n
The simple version of the CFB mode with
set to the block length (here 64 bits) is
depicted in Fig. 2.10. As for the OFB mode and since the first block is encrypted by a
one-time pad, IV need not be secret, but must be fresh (i.e. used only once).
x
1
x
2
x
3
x
n
···
⊕
⊕
⊕
⊕
C
C
C
IV
y
1
y
2
y
3
y
n
···
Figure 2.10.
CFB mode with
Set to the block length.
Search WWH ::
Custom Search