Cryptography Reference
In-Depth Information
However, if we use CFB mode then we do not have to do this. We process the
first three 128-bit blocks as previously described. When the time comes to encrypt
the third 'block', instead of padding we simply XOR the remaining 16 plaintext
bits to the rightmost 16 bits of the contents of the bottom register and send the 16
resulting ciphertext bits. Likewise, the receiver only uses the rightmost 16 bits of
the bottom register when decrypting these final 16 bits.
PROPERTIES OF CFB MODE
The main properties of CFB mode can thus be summarised as follows:
Message dependence
. By incorporatingmessage dependence, using a block cipher
in CFB mode provides protection against ciphertext manipulation, frequency
analysis and dictionary attacks.
Limited error propagation
. Although error propagation does occur, it is strictly
controlled and is not significantly worse than for ECB mode.
No synchronisation required
. Even though CFB mode involves message
dependence, it does not require synchronisation in the sense that the receiver
could miss the beginning of the ciphertext and still succeed in decrypting from
the point that the ciphertext is received. This is because the feedback (and
hence the contents of the top and bottom registers) is determined only by the
most recently received ciphertext block.
Efficiency
. CFB mode is only slightly less efficient to implement than ECB mode
when used with full feedback since the additional overhead consists of the
extremely fast XOR operation. However, in this regard, the more common
versions of CFB mode such as 8-bit CFB are less efficient since they involve
repeated multiple encryptions for each block of plaintext. For example, 8-bit
CFB mode using a 128-bit block cipher requires 16 encryption operations for
each 128 bits of plaintext.
Implementation aspects
. As discussed earlier, there is no need to pad the
plaintext. In addition, there is no need to implement block cipher decryption
when using CFB mode, which may save some implementation costs.
4.6.3
Cipher Block Chaining mode
An alternative way of providing message dependence is to use
Cipher Block
Chaining
(CBC) mode. This has broadly similar properties to CFB mode, but
is subtly different in the way it operates.
ENCRYPTION USING CBC MODE
CBC mode encryption is illustrated in Figure 4.11. The CBC encryption process
proceeds as follows:
1. Put an initialisation vector (IV) into the top register. As for CFB mode, the IV has
to be known by the sender and receiver (see Section 4.6.2 for discussion of
how this could be facilitated).
