12/30/2018 · 2 Min Read — In Security

A list of some basic ciphers.

One Time Pad

The key has the same length as, or is longer than, the message being sent.
It is secure against a one-time ciphertext-only attack (Shannon, 1949).

Stream Cipher

An OTP key is as long as the message.
Why not use a shorter pseudo-random key to generate the stream ciphertext?


However, a stream cipher is not perfect. There are two things to keep in mind.

  1. A key can only be used for a single message. The diagram below shows why.

  2. No integrity: ciphertext can be modified in meaningful ways.
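Both caveats can be reproduced with a toy stream cipher; this is an added example, not code from the original post. The SHAKE-256 keystream, the sample messages and the HMAC tag used to detect tampering are assumptions made for illustration.

```python
import hashlib
import hmac

def keystream(key: bytes, n: int) -> bytes:
    # Assumed PRG for illustration: stretch a short key into n pseudo-random bytes.
    return hashlib.shake_256(key).digest(n)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def stream_encrypt(key: bytes, msg: bytes) -> bytes:
    # Ciphertext = message XOR keystream; applying it again decrypts.
    return xor(msg, keystream(key, len(msg)))

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    # Caveat 1: with a reused key the keystream cancels, so c1 ^ c2 == m1 ^ m2.
    return xor(c1, c2)

def flip(ct: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    # Caveat 2: XORing (old ^ new) into the ciphertext rewrites the plaintext, no key needed.
    delta = xor(old, new)
    patched = xor(ct[offset:offset + len(delta)], delta)
    return ct[:offset] + patched + ct[offset + len(delta):]

def seal(enc_key: bytes, mac_key: bytes, msg: bytes):
    # Mitigation (assumed design): encrypt, then authenticate the ciphertext with HMAC.
    ct = stream_encrypt(enc_key, msg)
    return ct, hmac.new(mac_key, ct, hashlib.sha256).digest()

def open_sealed(enc_key: bytes, mac_key: bytes, ct: bytes, tag: bytes) -> bytes:
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext was modified")
    return stream_encrypt(enc_key, ct)

if __name__ == "__main__":
    key, mac_key = b"constructed-key", b"constructed-mac-key"    # constructed values
    m1, m2 = b"transfer $100 to alice", b"meeting moved to 3 pm."  # constructed messages
    c1, c2 = stream_encrypt(key, m1), stream_encrypt(key, m2)
    print("key reuse leaks m1^m2:", reuse_leak(c1, c2) == xor(m1, m2))
    forged = flip(c1, 10, b"100", b"999")
    print("receiver decrypts:", stream_encrypt(key, forged))
    ct, tag = seal(key, mac_key, m1)
    try:
        open_sealed(key, mac_key, flip(ct, 10, b"100", b"999"), tag)
    except ValueError as err:
        print("with a MAC:", err)
```

Knowing or guessing either plaintext turns the leaked `m1 ^ m2` into the other message, which is why the key must never be reused.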

Block Cipher

A block cipher takes a block of plaintext bits and generates a block of ciphertext bits, generally of the same size. The block size is fixed in the given scheme. The choice of block size does not directly affect the strength of the encryption scheme. The strength of the cipher depends on the key length.

It might sound straightforward to implement one by simply dividing the input text into blocks and applying hash functions. But that is not correct.
For example,

Also, what if we encrypt the same message twice? Can an attacker learn that these two messages are actually the same?
To solve the issues above, nonce-based encryption and cipher block chaining (CBC) come into play.

Nonce-based Encryption

Nonce n: a value that changes from message to message. A (k, n) pair is never used more than once.

  1. Method 1: encryptor chooses a random nonce (e.g. 128 bits)
  2. Method 2: nonce is a counter (e.g. packet counter)

Cipher Block Chaining

Cipher block chaining (CBC) is a mode of operation for a block cipher (one in which a sequence of bits is encrypted as a single unit or block with a cipher key applied to the entire block). Cipher block chaining uses what is known as an initialization vector (IV) of a certain length. One of its key characteristics is that it uses a chaining mechanism that causes the decryption of a block of ciphertext to depend on all the preceding ciphertext blocks. As a result, the entire validity of all preceding blocks is contained in the immediately previous ciphertext block.

FYI, there is also counter mode, which speeds up the encryption process by leveraging threads.

© 2020 by Warren. All rights reserved.