Cryptography Reference
In-Depth Information
3. Take the first ciphertext block
C
1
and XOR this to the contents of the bottom
register. Since the contents of the bottom register match that of the receiver
just before the receiver encrypted
P
1
, the result of this is
P
1
, our first block of
plaintext.
4. Now replace the contents of the top register with
C
1
. (We have just fed back
that ciphertext again.)
5. Repeat again from step 2. In other words, encrypt the contents of the top
register (which is now
C
1
) with the key; place the result in the bottom register;
take the next ciphertext block
C
2
and add this to the contents of the bottom
register (because the contents of the bottom register now match that of the
receiver just before the receiver encrypted
P
2
, the result of this is
P
2
); replace
the contents of the top register with
C
2
. Continue in this manner until the last
ciphertext block has been added to the contents of the bottom register to
generate the last plaintext block.
A very strange feature of CFB mode is that we actually
decrypt
the ciphertext
using only the
encryption
process of the block cipher. When using CFB mode we
never use the decryption algorithm of the block cipher to 'decrypt' anything! This
at first may seem paradoxical.
However, thinking about CFB mode in a slightly different way, it should be
apparent that CFB mode is really converting a block cipher into a type of stream
cipher. The encryption algorithm is never used directly to encrypt the plaintext,
but is rather used as a keystream generator to produce keystream that is placed in
the bottom register. This keystream is then XORed to the plaintext in the style of a
streamcipher. Thus the receiver also uses the encryption algorithm to generate the
same keystreamthat is needed to decrypt the ciphertext. This observation is crucial
to understanding part of the motivation behind the design of modes of operation
such as CFB mode. By converting a block cipher into a stream cipher through the
use of CFB mode, we may gain some of the advantageous properties of a stream
cipher that were discussed in Section 4.2.4, while preserving the advantageous
properties of a block cipher that were discussed in Section 4.3.2.
REDUCED FEEDBACK CFB MODE
One of the advantages of a stream cipher that was identified in Section 4.2.4 was
the ability to perform on-the-fly encryption. We now briefly indicate how CFB
mode can be used to provide this.
At the beginning of our discussion we mentioned that there are several variants
of CFB mode. Most practical implementations of CFB mode operate in a slightly
different way to the processes described in Figures 4.8 and 4.9. Themain difference
is that these variants tend to process the plaintext in groups of bits that are smaller
than the block size of the encryption algorithm.
For example, when using an encryption algorithm with a block size of 128 bits
in
8-bit CFB mode
, the plaintext is processed in units of 8 bits at a time. Thus only
8 of the 128 bits in the bottom register are XORed to the plaintext, producing
