2. Cipher Block Chaining Mode (CBC Mode):
Encryption:
$C_{0} = IV$
$C_{i} = E_{k}(P_i \oplus C_{i-1})$
Decryption:
$C_{0} = IV$
$P_{i} = D_{k}(C_i) \oplus C_{i-1}$
Operations:
- Load the ‘n’ bit initialization vector (IV) in the top register.
- XOR the ‘n’ bit plaintext block with data value in top register.
- Encrypt the result of XOR operation with underlying block cipher with key ‘k’.
- Feed the ciphertext block into the top register and continue the operation until all plaintext blocks are processed.
- For decryption, the first ciphertext block is decrypted and the result is XORed with the IV; the first ciphertext block is then fed into the register, replacing the IV, for decrypting the next ciphertext block.
Analysis of CBC mode:
- In CBC mode, the current plaintext block is XORed with the previous ciphertext block and the result is then encrypted with the key. Decryption is the reverse process: the current ciphertext block is decrypted and the previous ciphertext block is then XORed with the result.
- It is not used to encrypt and decrypt random-access file records, as encryption and decryption require access to the previous records.
Advantage over ECB:
- Changing the IV results in a different ciphertext for an identical message.
Disadvantage:
- An error in transmission is propagated to a few further blocks during decryption due to the chaining effect.
Applications:
- CBC mode forms the basis for a well-known data origin authentication mechanism. Thus it is an advantage for those applications that require both symmetric encryption & data origin authentication.
e.g.
Plaintext: GOOD MORNING GOOD
$\downarrow$
Ciphertext: \$/@ 123@/# xz@\$
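The chaining equations above as a runnable sketch, added here as an illustration and not part of the original notes. It shows repeated GOOD blocks encrypting differently and how far a one-bit transmission error spreads on decryption. The block cipher E/D is a toy Feistel construction (an assumption, so the code needs only the standard library); the key, the IV and the fourth word DAY are constructed sample values.

```python
import hashlib

BLOCK = 16  # block size n, in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, i, half):
    # Feistel round function: keyed hash truncated to half a block
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]

def E(key, block):
    # Toy 4-round Feistel cipher standing in for E_k (illustration only, not AES)
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(4):
        l, r = r, xor(l, _f(key, i, r))
    return l + r

def D(key, block):
    # Inverse of E: undo the rounds in reverse order
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(key, i, l)), l
    return l + r

def cbc_encrypt(key, iv, blocks):
    prev, out = iv, []                     # C_0 = IV
    for p in blocks:
        prev = E(key, xor(p, prev))        # C_i = E_k(P_i xor C_{i-1})
        out.append(prev)
    return out

def cbc_decrypt(key, iv, blocks):
    prev, out = iv, []                     # C_0 = IV
    for c in blocks:
        out.append(xor(D(key, c), prev))   # P_i = D_k(C_i) xor C_{i-1}
        prev = c
    return out

def flip_bit(block, bit=0):
    # Simulate a one-bit transmission error in the first byte of a block
    return bytes([block[0] ^ (1 << bit)]) + block[1:]

# Constructed sample values; each word is space-padded to one block
KEY, IV = b"sample-key-16byt", bytes(range(16))
PT = [w.ljust(BLOCK) for w in (b"GOOD", b"MORNING", b"GOOD", b"DAY")]
CT = cbc_encrypt(KEY, IV, PT)

if __name__ == "__main__":
    print("repeated GOOD blocks differ:", CT[0] != CT[2])
    damaged = cbc_decrypt(KEY, IV, [flip_bit(CT[0])] + CT[1:])
    print("blocks changed by one flipped bit:", [a != b for a, b in zip(damaged, PT)])
```

With the error in the first ciphertext block, the first plaintext block decrypts to garbage, the second differs in exactly the flipped bit, and the remaining blocks are recovered intact.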