Chapter 11
Block Cipher Modes of Operation

 11.1 Block Ciphers with Multiple Blocks
 11.2 Electronic Code Book
 11.3 Cipher Block Chaining Mode
 11.4 Cipher Feedback Mode
 11.5 Output Feedback Mode
 11.6 Counter Mode
 11.7 XTS-AES

File: crypto/modes.tex, r1949

This chapter presents common modes of operation available with symmetric block ciphers. Modes of operation allow the block ciphers to be applied to inputs greater than the block size. The difference in designs lead to different security and performance tradeoffs. This chapter is primarily for reference, presenting the modes but with little explanation of each.

Presentation slides that accompany this chapter can be downloaded in the following formats: slides only (PDF); slides with notes (PDF, ODP, PPTX).

11.1 Block Ciphers with Multiple Blocks

Block ciphers operate on fixed length inputs, so the question arises of how are they used to encrypt arbitrary length inputs?

We will not cover each mode of operation in detail, but rather present them so you are aware of some of the common modes. For more technical details of some of these modes of operation, including discussion of padding, error propagation and the use of initialisation vectors, see NIST Special Publication 800-38A Recommendations for Block Cipher Modes of Operation: Methods and Techniques. Additional (newer) modes of operation are in the NIST SP 800-38 series, such as 800-38C CCM, 800-38D GCM and 800-38E XTS-AES.

11.2 Electronic Code Book

Figure 11.1 and Figure 11.2 show the Electronic Code Book (ECB) mode of operation applied for encryption and decryption, respectively.


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:ECB_encryption.svg, public domain

Figure 11.1: ECB Encryption


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:ECB_decryption.svg, public domain

Figure 11.2: ECB Decryption

11.3 Cipher Block Chaining Mode

Figure 11.3 and Figure 11.4 show the Cipher Block Chaining (CBC) mode of operation applied for encryption and decryption, respectively.


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:CBC_encryption.svg, public domain

Figure 11.3: CBC Encryption


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:CBC_decryption.svg, public domain

Figure 11.4: CBC Decryption

11.4 Cipher Feedback Mode

Figure 11.5 and Figure 11.6 show the Cipher Feedback mode (CFB) mode of operation applied for encryption and decryption, respectively.


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:CFB_encryption.svg, public domain

Figure 11.5: CFB Encryption


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:CFB_decryption.svg, public domain

Figure 11.6: CFB Decryption

11.5 Output Feedback Mode

Figure 11.7 and Figure 11.8 show the Output Feedback mode (OFB) mode of operation applied for encryption and decryption, respectively.


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:OFB_encryption.svg, public domain

Figure 11.7: OFB Encryption


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:OFB_decryption.svg, public domain

Figure 11.8: OFB Decryption

11.6 Counter Mode

Figure 11.9 and Figure 11.10 show the Counter mode (CTR) mode of operation applied for encryption and decryption, respectively.


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:CTR_encryption_2.svg, public domain

Figure 11.9: CTR Encryption


PIC
Credit: Wikimedia https://commons.wikimedia.org/wiki/File:CTR_decryption_2.svg, public domain

Figure 11.10: CTR Decryption

11.7 XTS-AES

XTS-AES is a mode of operation designed for AES to be used to encrypt stored data (e.g. disk drives). Compared to CBC, it improves the ability for a receiver to detect if the ciphertext has been changed.