Cryptography Reference
In-Depth Information
first ciphertext block, we run it through the deciphering transformation, then
it with the
IV; this yields the first plaintext block
P
1
=
D
(
C
1
)
IV, since
D
(
C
1
)
IV
=
D
(
E
(
P
1
IV))
IV
=
P
1
IV
IV
=
P
1
0
P
1
We can then regain each subsequent plaintext block
=
P
i
, because we just use the decryp-
tion transformation, and the previous ciphertext block
C
i
1
,
D
(
C
2
)
C
1
=
D
(
E
(
P
2
C
1
)
C
1
=
P
2
C
1
C
1
=
P
2
0 =
P
2
D
(
C
3
)
C
2
=
P
3
P
n
Figure 10.6 shows a diagram showing CBC encryption:
It should be clear that by reversing this operation, decryption coupled with CBC regains
the plaintext. (See Figure 10.7.)
D
(
C
n
)
C
n
1
=
FIGURE 10.6
IV = initialization vector
P(i) = i-th plaintext block
C(i) = i-th ciphertext block
Cipher Block Chaining - CBC
E = enciphering transformation
+ = exclusive-or
P(i)
C(i-1)
+
E
C(i)
C(0) = IV
FIGURE 10.7
IV = initialization vector
P(i) = i-th plaintext block
C(i) = i-th ciphertext block
Cipher Block Chaining - CBC
E' = deciphering transformation
+ = exclusive-or
P(i)
C(i-1)
+
E'
C(i)
C(0) = IV
Search WWH ::
Custom Search