Cryptography Reference
In-Depth Information
first ciphertext block, we run it through the deciphering transformation, then
it with the
IV; this yields the first plaintext block
P 1 =
D
(
C 1 )
IV, since
D ( C 1 ) IV
= D ( E ( P 1 IV)) IV
= P 1 IV IV
=
P 1
0
P 1
We can then regain each subsequent plaintext block
=
P i , because we just use the decryp-
tion transformation, and the previous ciphertext block
C i 1 ,
D ( C 2 ) C 1 = D ( E ( P 2 C 1 ) C 1 = P 2 C 1 C 1 = P 2 0 = P 2
D ( C 3 ) C 2 = P 3
P n
Figure 10.6 shows a diagram showing CBC encryption:
It should be clear that by reversing this operation, decryption coupled with CBC regains
the plaintext. (See Figure 10.7.)
D
(
C n )
C n 1 =
FIGURE 10.6
IV = initialization vector
P(i) = i-th plaintext block
C(i) = i-th ciphertext block
Cipher Block Chaining - CBC
E = enciphering transformation
+ = exclusive-or
P(i)
C(i-1)
+
E
C(i)
C(0) = IV
FIGURE 10.7
IV = initialization vector
P(i) = i-th plaintext block
C(i) = i-th ciphertext block
Cipher Block Chaining - CBC
E' = deciphering transformation
+ = exclusive-or
P(i)
C(i-1)
+
E'
C(i)
C(0) = IV
Search WWH ::




Custom Search