UNIT 2

BLOCK CIPHER
▪A block cipher is a method of encrypting data in
blocks to produce ciphertext using a cryptographic
key and algorithm.
▪The block cipher processes fixed-size blocks
simultaneously, as opposed to a stream cipher, which
encrypts data one bit at a time.
▪Most modern block ciphers are designed to encrypt
data in fixed-size blocks of either 64 or 128 bits.
BLOCK CIPHER WORK
▪ A block cipher uses a symmetric key and algorithm to encrypt and decrypt a block of
data.
▪ A block cipher requires an initialization vector (IV) that is added to the input plaintext in
order to increase the keyspace of the cipher and make it more difficult to use brute
force to break the key.
▪ The IV is derived from a random number generator, which is combined with text in the
first block and the key to ensure all subsequent blocks result in ciphertext that does
not match that of the first encryption block.
▪ The block size of a block cipher refers to the number of bits
that are processed together. Data Encryption Standard (DES)
and Advanced Encryption Standard (AES) are both
symmetric block ciphers.
▪ The DES block cipher was originally designed by IBM in 1975
and consisted of 64-bit blocks and a 56-bit key. This cipher is
not considered secure anymore, due to the short key size,
and was replaced in 1998 by AES. AES uses a 128-bit block
size and a 128-, 192- or 256-bit key size.
ELECTRONIC CODE BOOK
(ECB)
▪ Electronic code book is the easiest block cipher mode of
functioning.
▪ It is easier because of direct encryption of each block of input
plaintext and output is in form of blocks of encrypted ciphertext.
▪ Generally, if a message is larger than b bits in size, it can be
broken down into a bunch of blocks and the procedure is repeated.
ADVANTAGES OF USING ECB
•Parallel encryption of blocks of bits is possible, thus
it is a faster way of encryption.
•Simple way of the block cipher
DISADVANTAGES OF USING
ECB
▪Prone to cryptanalysis since there is a direct
relationship between plaintext and ciphertext.
CIPHER BLOCK CHAINING
▪ Cipher block chaining or CBC is an advancement made on ECB
since ECB compromises some security requirements.
▪ In CBC, the previous cipher block is given as input to the next
encryption algorithm after XOR with the original plaintext block.
▪ In a nutshell here, a cipher block is produced by encrypting an
XOR output of the previous cipher block and present plaintext
block.
ADVANTAGES OF CBC
•CBC works well for input greater than b bits.
•CBC is a good authentication mechanism.
•Better resistive nature towards cryptanalysis than ECB.
DISADVANTAGES OF CBC
▪ Parallel encryption is not possible since every encryption requires a
previous cipher
CIPHER FEEDBACK MODE
(CFB)
▪ In this mode the cipher is given as feedback to the next block of
encryption with some new specifications: first, an initial vector IV
is used for first encryption and output bits are divided as a set
of s and b-s bits.
▪ The left-hand side s bits are selected along with plaintext bits to
which an XOR operation is applied.
▪ The result is given as input to a shift register having b-s bits to lhs,s
bits to rhs and the process continues.
▪ The encryption and decryption process for the same is shown
below, both of them use encryption algorithms.
ADVANTAGES OF CFB
▪Since, there is some data loss due to the use of shift
register, thus it is difficult for applying cryptanalysis.
DISADVANTAGES OF USING
CFB
▪The drawbacks of CFB are the same as those of CBC
mode. Both block losses and concurrent encryption of
several blocks are not supported by the encryption.
Decryption, however, is parallelizable and loss-tolerant.
OUTPUT FEEDBACK MODE
▪ The output feedback mode follows nearly the same process as the Cipher
Feedback mode except that it sends the encrypted output as feedback instead of
the actual cipher which is XOR output.
▪ In this output feedback mode, all bits of the block are sent instead of sending
selected s bits.
▪ The Output Feedback mode of block cipher holds great resistance towards bit
transmission errors.
▪ It also decreases the dependency or relationship of the cipher on the plaintext.
ADVANTAGES OF OFB
▪ In the case of CFB, a single bit error in a block is propagated to all
subsequent blocks. This problem is solved by OFB as it is free from
bit errors in the plaintext block.
DISADVANTAGES OF OFB
▪The drawback of OFB is that, because to its operational
modes, it is more susceptible to a message stream
modification attack than CFB.
COUNTER MODE
▪ The Counter Mode or CTR is a simple counter-based block cipher
implementation.
▪ Every time a counter-initiated value is encrypted and given as input
to XOR with plaintext which results in ciphertext block.
▪ The CTR mode is independent of feedback use and thus can be
implemented in parallel.
ADVANTAGES OF COUNTER
• Since there is a different counter value for each block, the direct
plaintext and ciphertext relationship is avoided. This means that the
same plain text can map to different ciphertext.
• Parallel execution of encryption is possible as outputs from
previous stages are not chained as in the case of CBC.
DISADVANTAGES OF
COUNTER
▪ The fact that CTR mode requires a synchronous counter at both the
transmitter and the receiver is a severe drawback. The recovery of
plaintext is erroneous when synchronisation is lost.
ADVANCED ENCRYPTION
STANDARD
▪ The more popular and widely adopted symmetric encryption
algorithm likely to be encountered nowadays is the Advanced
Encryption Standard (AES).
▪ It is found at least six time faster than triple DES.

▪ A replacement for DES was needed as its key size was too small.
With increasing computing power, it was considered vulnerable
against exhaustive key search attack.
▪ Triple DES was designed to overcome this drawback but it was
found slow.
FEATURES OF AES
▪Symmetric key symmetric block cipher
▪128-bit data, 128/192/256-bit keys
▪Stronger and faster than Triple-DES
▪Provide full specification and design details
▪Software implementable in C and Java
OPERATION OF AES
ENCRYPTION PROCESS
▪ Here, we restrict to description of a typical
round of AES encryption. Each round
comprise of four sub-processes. The first
round process is depicted below
BYTE SUBSTITUTION
(SUBBYTES)
▪The 16 input bytes are substituted by looking
up a fixed table (S-box) given in design. The
result is in a matrix of four rows and four
columns.
SHIFTROWS
▪ First row is not shifted.

▪ Second row is shifted one (byte) position to

the left.
▪ Third row is shifted two positions to the left.

▪ Fourth row is shifted three positions to the

left.
▪ The result is a new matrix consisting of the
same 16 bytes but shifted with respect to
each other.
MIXCOLUMNS
▪ Each column of four bytes is now
transformed using a special mathematical
function. This function takes as input the
four bytes of one column and outputs four
completely new bytes, which replace the
original column. The result is another new
matrix consisting of 16 new bytes. It
should be noted that this step is not
performed in the last round
ADDROUNDKEY
▪ The 16 bytes of the matrix are now
considered as 128 bits and are XORed to
the 128 bits of the round key. If this is the
last round then the output is the ciphertext.
Otherwise, the resulting 128 bits are
interpreted as 16 bytes and we begin
another similar round.
DECRYPTION PROCESS
▪ The process of decryption of an AES ciphertext is similar to the encryption process in the
reverse order. Each round consists of the four processes conducted in the reverse order −

▪ Add round key

▪ Mix columns
▪ Shift rows
▪ Byte substitution