Cryptography

Block Ciphers

December 16, 2020 by Nitesh Malviya

Encryption and Decryption

Encryption is the process of converting plaintext to encrypted text. Since encrypted text cannot be read by anyone, encrypted text hides the original data from unauthorized users. Decryption is the process of converting encrypted data to plaintext. Basically, it is the reverse of encryption. It is used to decrypt the encrypted data so that only an authorized user can access and read the data. The process entailing encryption and decryption together is called cryptography.

Private and Public Keys in Cryptography

A key is a bit valued string which is used to convert the plaintext into cipher text and vice-versa. A key can be a word, number or phrase. Cryptography makes use of public and private keys. A public key is issued publicly by the organization and it is used by the end user to encrypt the data. The encrypted data, once received by the organization, is decrypted by using a private key and the data is converted to plaintext.

Encryption Types

Cryptography uses symmetric and asymmetric encryption for encryption and decryption of data. If the sender and the recipient of the data use the same key to encrypt and decrypt the data, it’s called symmetric encryption and if the keys are different for encryption and decryption then its asymmetric encryption. 

Now the basics are clear, let’s focus on the Block Ciphers algorithm in this post.

Block Ciphers

Block Ciphers falls under the Symmetric Encryption category. Thus, using Block Ciphers the sender and the recipient of the data uses the same key to encrypt and decrypt the data. 

As the name suggests, Block cipher takes an input of fixed size in the form of a block and converts it into cipher text. The block size in Block Ciphers always remains constant. 

Block Size Consideration

There are few considerations to be made while selecting a block size. They are as follows – 

  1. Avoid small block size – The block size to be used should not be too small in length. If an attacker discovers some cipher text block corresponding to a plain text block, then it’s possible for an attacker to launch Dictionary Attack by building a dictionary of cipher text and plain text pairs. Large block size makes this attack difficult to perform. 
  2. Avoid blocks of bigger size – With bigger block size, it becomes very difficult to operate the cipher.
  3. 8 bit multiples – It is advisable to consider block size of multiple of 8. 8 bits and its multiple are easy to process and don’t need padding. 

Block Cipher Schemes

Block Ciphers has many schemes to operate. Some of the widely used and popular ones are as follows – 

  • DES – Digital Encryption Standard. It’s broken and no more used.
  • Triple DES – Repeated DES. Much stronger algos are available than this.
  • AES – Advanced Encryption Standard.
  • Serpent – Has block size of 128 bits and keys of length – 128,196 or 256 bits. Slower but very secure than other block ciphers.
  • TwoFish – With a block size of 128 bits, it is based on an earlier block cipher called Blowfish which uses a block of 64 bits.
  • IDEA – PGP makes use of this algo.

Modes of Operation

Block Cipher can be implemented and operated in following modes – 

  • ECB – Electronic Code Book. Easiest and simplest mode of all. Parallel Encryption of each block is possible but more prone to cryptanalysis attack.
  • CBC – Cipher Block Chaining. Better version of ECB and widely used of all the modes available. 
  • CFB – Cipher Feedback Mode. 
  • OFM – Output Feedback Mode. 
  • Counter Mode

 

Sources

  1. https://www.geeksforgeeks.org/block-cipher-modes-of-operation/ 
  2. https://www.tutorialspoint.com/cryptography/block_cipher.htm 
  3. https://www.sciencedirect.com/topics/computer-science/block-ciphers 
  4. https://binaryterms.com/block-cipher.html 
Posted: December 16, 2020

Uh-oh!

We've encountered a new and totally unexpected error.

Get instant boot camp pricing

Thank you!

A new tab for your requested boot camp pricing will open in 5 seconds. If it doesn't open, click here.

Articles Author
Nitesh Malviya
View Profile

Nitesh Malviya is a Security Consultant. He has prior experience in Web Appsec, Mobile Appsec and VAPT. At present he works on IoT, Radio and Cloud Security and open to explore various domains of CyberSecurity. He can be reached on his personal blog – https://nitmalviya03.wordpress.com/ and Linkedin – https://www.linkedin.com/in/nitmalviya03/.