Cipher Block Chaining (CBC).

Block ciphers encrypt only fixed-size blocks. If we want to encrypt something that isn't exactly one block large, we have to use a 'block cipher mode'.

CBC, or cipher block chaining, is one of most widely used such block cipher modes.

If we have plaintext of length equal to exactly m * block size length, then we can use CBC. This property can be ensured using proper 'padding'.

The standard formulation of CBC is as follows:

Ci = E(K, Pi XOR Ci-1) for i = 1 , .... , m .


Ci : i-th ciphertext block to compute.
E : Encryption function.
K : Cryptographic key.
Pi : i-th plaintext block to encrypt.
XOR : bitwise arithmetic exclusive alternative operation.
i : index (for iteration).
m : number of fixed side ciphertext blocks.

Padding is filling ciphertext block with numbers in a way that ensures that block is fully filled and that this padding can be reversed. For example we can append 128 number to the end of ciphertext block then fill the rest with zeros.

Using CBC also helps to ensure that in case of two the same plaintext blocks, ciphertext blocks differ. It increases security.

One of problems that arise, when using CBC is protecting first n-bit block(s) from unautorized decryption. Solution to this is to use Initialization Vector (IV) which can be XOR-ed with first block(s). Initialization Vector can use random number or nonce (number used only once), or other less reliable solutions. With nonce-generated IV, messages received should be reejected if they have nonce used before. Nonce(s) used for message(s) should be agreed before transmission, between sender and receiver, somehow. Perhaps downloaded (preferably using digital signature for security), perhaps exchanged offline.

No comments:

Post a Comment