Block Cipher Modes of Operation

Block Cipher Modes of Operation
In general, a block cipher mode is a way to encrypt a plaintext P to a ciphertext C, where the plaintext and ciphertext are of an arbitrary length.

Padding
Most block cipher modes require that the length of the plaintext P be an exact multiple of the block size. The solution to this is to pad the plaintext. There are many ways to do this, but the most important rule is that the padding must be reversible.

More detailed:

So how do we pad a plaintext? Let P be the plaintext and let L(P) be the length of P in bytes. Let B be the block size of the block cipher in bytes.

These are one of two simple padding schemes:


 * 1)  Append a single byte with value 128, and then as many zero bytes as required to make the overall length a multiple of B. The number of zero bytes added is in the range 0, .., B -1.


 * 1)   Determine the number of padding bytes required. This is a number n which satisfies 1 =< n =< B and n + L(P) is a multiple of B. Pad the plaintext by appending n bytes, each with value n.

Electronic CodeBook
ECB is the simplest mode that divides the message into blocks and runs each block individually through the cipher. The problem with this method is that identical input produces identical output; therefore you can detect data patterns in the ciphertext. An example of this is shown in the picture below:



TL;DR :

IZ CRAPPY lulz

Cipher Block Chaining
CBC is more secure because it uses the previous cipher blocks to alter the selected cipher block.

In CBC, an initialization vector is used as first variance, and is XOR-ed (Exclusive OR) with the plaintext block before it reaches the cipher. The next plaintext block to be encrypted then uses the cipherblock produced by the previous block-encryption, and XOR-es it with the plainblock before it reaches the cipher. This method causes pseudo-randomness in that identical input does not produce identical output.

Decryption using CBC is similar, except instead of doing the XOR before the plaintext block reaches the cipher, it is XOR-ed after, and the XOR input in the next block encryption is the plaintext block from the previous block encryption, rather than the ciphertext block.

Using CBC mode, the tux picture test above changes into something a little more secure.