Block Cipher Modes of Operation

These are operational rule for generic block cipher that each result in different properties being achieved when they are applied to plaintext consisting of more than one block.

1. Electronics Code Book: Most straight forward way of processing a series of sequentially listed message blocks.

Operations:

• The user takes the first block of plaintext & encrypts it with the key to produce the first block of ciphertext.
• Then take the second block of plaintext & encrypt it with the key to produce the second block of ciphertext.
• This mode is determined i.e if plaintext block $P_1,P_2,P_3……P_m$ areencrypted twice under the same key,the o/p ciphertext blocks will be the same.
• for a given key, we can create a codeblock of ciphertext for all possible plaintext blocks.
• Encryption would then only look up for required plaintext & select the corresponding ciphertext.

e.g

 plaintext:Good            
 Ciphertext:&*/@$
 
      Plaintext: Good Morning
      Ciphertext: &*/@$%&*^#@!

In the above plaintext, the ciphertext for "Good" in both the messages is the same

*suitable only when the repetition of plaintext is less.

Encryption: $C_{i} = E_{k} (P_{i})$

Decryption: $P_{i} = D_{k} (C_{i})$

where,

E = Encryption

D= Decryption

$(P_{i})$ = Plaintext block i

$(C_{i})$ = ciphertext block i

K= secret key

Analysis of ECB mode:

• If any application data usually have partial information which can be guessed for eg range of salary can be guessed, a ciphertext from ECB can allow an attacker to guess the plaintext by trial & error if the plaintext message is within predictable.
• for eg if a ciphertext from the ECB mode is known to encrypt a salary figure, then a small number of trials will allow an attacker to recover the figure, hence we do not prefer to use a deterministic cipher i.e ECB mode.
• Thus, there is a leak in security.

Applications

• The ECB mode of operation is not recommended for encryption of messages of more than one block to be transferred through an insecure channel.
• If the message is short enough to fit in one block, the security.
• Since there is block independency, this mode is useful where the records need to be encrypted before they are stored in a database or decrypted before they are retrieved, because the order of encryption and decryption blocks is not important in this mode thus access to database can be random if each record is a block or multiple blocks.
• Can be used for parallel processing if a very huge database needs to be encrypted.