Cipher Block Chaining (CBC)

Loading...

From the course by University of Colorado System

Symmetric Cryptography

36 ratings

University of Colorado System

Symmetric Cryptography

36 ratings

Course 2 of 4 in the Specialization Applied Cryptography

Welcome to Symmetric Cryptography! Symmetric cryptography relies on shared secret key to ensure message confidentiality, so that the unauthorized attackers cannot retrieve the message. The course describes substitution and transposition techniques, which were the bases for classical cryptography when the message is encoded in natural language such as English. Then, we build on product ciphers (using both substitution and transposition/permutation) to describe modern block ciphers and review the widely used cipher algorithms in DES, 3-DES, and AES. Lastly, we enable the use of block ciphers to support variable data length by introducing different modes of block cipher operations in ECB, CBC, CFB, OFB, and CTR modes. This course is cross-listed and is a part of the two specializations, the Applied Cryptography specialization and the Introduction to Applied Cryptography specialization.

From the lesson

Block Cipher Operation Modes

Given a cipher and a key, this module reviews how to use block cipher operation modes when the data spans across multiple blocks. The module describes five popular operation modes: ECB, CBC, CFB, OFB, and CTR mode.

Cipher Block Chaining (CBC)4:39

Meet the Instructors

Sang-Yoon Chang
Assistant Professor
Computer Science

While ECB took the wrong key itself and used that repeatedly across the blocks,

we now want a more sophisticated way to encrypt a plain text over

multiple blocks that will also obfuscate the regular pattern of the data.

To do so, we will introduce chaining to make

the ciphertext dependent on all blocks before it,

in contrast to ECB,

whose operations were independent across blocks.

The first we will review is the cipher block chaining or CBC mode.

As its name indicates,

CBC mode chains the previous ciphertext block

with the current message block before the cipher function.

CBC mode is applicable whenever large amounts of data need to be sent

securely provided that all data is available beforehand.

For example, email or web data.

This figure illustrates the cipher block chaining

or CBC mode where the top corresponds to

encryption and the bottom corresponds to the decryption.

As it's shown, CBC takes the previous ciphertext block

and change it with the current plaintext block before the encryption cipher function.

In this way, because of the XOR,

the input to the encryption function for each plaintext block,

bares no fixed relationship to the plaintext block.

Therefore, in contrast to ECB mode,

the repeating patterns of B bits are not exposed.

For decryption, each cipher block is passed through the decryption function.

The result is XORed,

with the preceding ciphertext block to produce the plaintext block.

Focusing on the right side of the screen,

we can express the operations mathematically.

For encryption, the ciphertext of the current block I,

is the output of

the encryption cipher function where the encryption function takes the input

of the K and the XOR between

the plaintext I and a ciphertext I minus one from the previous ciphertext block.

For block one or I equals to one,

which is the starting block lacking C Sub-Zero,

the initialization value or IV is used for the chaining input on the XOR.

To reverse the encryption process,

the receive ciphertext and the key gets inputted to

the decryption function and the output of the function

gets XORed with the previous block ciphertext.

In other words, for block I,

piece of I is equal to decryption of K, C sub-I.

XOR with C sub-I minus one.

The initialization value or the IV,

is the same length as the encryption function block.

In this case, b bits law.

The IV needs to be secret against the attacker to

protect them through the randomness of

the chains that get input to the XOR across the blocks.

For Alice and Bob to agree on the IV,

ECB mode can be used to securely communicate the IV value before the use of CBC mode.

An issue that arises with block modes is,

how to handle the last block which may

not be complete and may lack bits from the plaintext.

For CBC mode, if the plaintext does not fully occupy it,

we need to pad the last block.

In contrast, the stream cipher like

operation modes that we will discuss in the following lessons,

do not require data padding.

Due to the chaining, CBC provides an avalanche effect.

Suppose in the encryption process in block one,

something has changed and it changed the ciphertext to C sub-X.

Then now, that change affects not only itself,

but also the rest of the blocks due to the ciphertext chaining of CBC.

In other words, in CBC mode,

changing the data affects and changes all of the subsequent data.

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online.

© 2019 Coursera Inc. All rights reserved.

Download on the App Store

Get it on Google Play