Cryptography Reference
In-Depth Information
of the bits coincide, they will not be able to predict exactly
which
bits will be
the same.
Need for padding
. Block ciphers operate on fixed block sizes (such as 128 bits) but
the length of most plaintexts is not a multiple of the block size. For example, a
400-bit plaintext fills three 128-bit blocks but then has
400
−
(3
×
128)
=
400
−
384
=
16
bits left over. The last group of bits needs to be 'filled out' with redundant
information so that the length of the final plaintext is a multiple of the block
size. In our example, the remaining 16 bits need to have 112 redundant bits
added to them to make up a full block. The process of filling up the last block
is referred to as
padding
. This might not seem to be a big deal, but there are a
couple of issues that arise concerning padding:
1. Padding introduces a degree of inefficiency. For example, if we only want to
send a plaintext of one ASCII character (8 bits) then using AES in the manner
of Figure 4.3 would require a significant message expansion from 8 bits to
128 bits.
2. Padding can introduce insecurity into a cryptosystem. There have been exam-
ples in the past of padding schemes being exploited to break cryptosystems.
For this reason padding should only be introduced by following a recognised
padding scheme
. These typically involve introducing fixed bit patterns or
encoding information such as the length of the plaintext into the padded bits.
4.3.3
Block cipher algorithms
In contrast to stream ciphers, there are dozens of publicly known block ciphers
that are available for use. The choice can seem daunting. However the ground
rules for selecting a publicly known encryption algorithm that we outlined in
Section 1.5.4 very much apply here. While there are many publicly known block
cipher algorithms, there are relatively few that can be classified according to the
terminology of Section 1.5.4 as either
respected
or
default
. Some examples of
prominent block ciphers are:
AES
: A default block cipher based on the encryption algorithm
Rijndael
that won
the AES design competition. We discuss AES in greater detail in Section 4.5.
DES
: The default block cipher of the 1980s and 1990s, but now a 'broken' block
cipher, due primarily to its small key size. The two variants based on repeated
DES applications commonly known as
Triple DES
are still respected block
ciphers, although there are now faster block ciphers available. We discuss DES
and Triple DES in greater detail in Section 4.4.
IDEA
: A respected block cipher with a block size of 64 and a key size of 128, dating
from 1991. IDEA has been supported by a number of applications, including
