8.1.4 Block Ciphers and Stream Ciphers
Symmetric key ciphers are of two types: block ciphers and stream ciphers. A block cipher is
one in which the message to be encrypted is split into fixed-length blocks of data. These blocks
pass through the encryption algorithm, where several mathematical functions are performed
for substitution and transposition. For instance, if a data block of 256 bits in plaintext is being
encrypted by a block cipher of 128 bits, then the block cipher would split the data block into two
blocks of 128 bits and encrypt these blocks. DES was the earliest block cipher developed by IBM
in the 1970s. Block ciphers have several modes of operation for encrypting and decrypting
data, some of them adding higher degrees of complexity to the encryption process, thereby making
it difficult for the attacker to break the encrypted data. Block ciphers are ideal for file and
database encryption, as the data can be split into blocks to be encrypted and decrypted.
Stream ciphers, on the other hand, are quite different from block ciphers. Stream ciphers handle
the data or the message not as a block but as a stream, where each bit of the stream is subjected
to encryption. Stream ciphers use what are known as keystream generators, which produce a
stream based on the key given for encrypting and decrypting the data. A stream cipher
is ideal for encrypting voice traffic, streaming media, and so on, where the data cannot be split
into chunks for encryption.
8.1.5 Block Cipher Modes of Encryption
Symmetric block ciphers have modes of encryption that govern the way the algorithms function.
Each algorithm has different modes that may be developed based on the implementation in
hardware/software. These modes also vary in the level of protection that one mode of encryption
provides vis-à-vis another. The modes of encryption and their characteristics are enumerated below:
Electronic code book
Cipher block chaining
Cipher feedback
Output feedback
8.1.5.1 Electronic Code Book (ECB)
The electronic code book mode of encryption is quite simple to understand. The encryption
algorithm and the key process the data block to produce a block of ciphertext. In the ECB mode, for the
same block of data, with the same key, the same block of ciphertext is always generated. Although
the ECB is the fastest mode, it is also the least secure. The reasons for that are quite obvious: the
ECB does not provide any randomness to the process of encryption, so patterns develop
if identical cleartext is encrypted with the same encryption algorithm and
the same key. ECB is the only block cipher mode of encryption that does not require the use of an
initialization vector. If the cleartext block produces the same ciphertext on every single occasion,
patterns in a data block are not hidden very well and it is easier for a cryptanalyst to
decipher the cleartext. The functioning of the ECB is highlighted in Figure 8.5.
There is a funny story about the ECB. The popular online game Phantasy Star Online: Blue
Burst used Blowfish as the encryption algorithm and ECB as the mode of encryption. Cheaters
often used the “monster killed” encrypted Blowfish data block to gain experience points in the
game quickly, because the message had the same ciphertext every single time.