Which one does not affect the cryptographic strength of block ciphers?
Symmetric encryption algorithms are categorized into two: block and stream ciphers. This article explores block cipher vs. stream cipher, their respective operation modes, examples, and key differences. However, before delving into these in detail, let us understand the basics first.

Symmetric cryptography (key cryptography/private key cryptography) involves using a shared key/secret to access an encoded message between two entities. The sender shares the key cipher with the receiver to decrypt the message. The encryption algorithm emulates a one-time pad system to protect the original message from unauthorized access. The cipher algorithms generate a truly random key cipher used only once with the one-time pad system. Anyone who does not possess the secret/key cannot interpret the encrypted message.

Block ciphers encrypt data in blocks of set lengths, while stream ciphers do not and instead encrypt plaintext one byte at a time. The two encryption approaches, therefore, vary widely in implementation and use cases.

Block ciphers convert data in plaintext into ciphertext in fixed-size blocks. The block size generally depends on the encryption scheme and is usually in octets (64-bit or 128-bit blocks). If the plaintext length is not a multiple of 8, the encryption scheme uses padding to ensure complete blocks. For instance, to perform 128-bit encryption on a 150-bit plaintext, the encryption scheme provides two blocks, one with 128 bits and one with the remaining 22 bits. 106 redundant bits are added to the last block to make the entire block equal to the encryption scheme's ciphertext block size.

While block ciphers use symmetric keys and algorithms to perform data encryption and decryption, they also require an initialization vector (IV) to function. An initialization vector is a pseudorandom or random sequence of characters used to encrypt the first block of characters in the plaintext block. The resultant ciphertext for the first block of characters acts as the initialization vector for the subsequent blocks. Therefore, the symmetric cipher produces a unique ciphertext block for each iteration, while the IV is transmitted along with the symmetric key and does not require encryption.

Block encryption algorithms offer high diffusion; that is, if a single plaintext block were subjected to multiple encryption iterations, it would result in a unique ciphertext block for each iteration. This makes the encryption scheme relatively tamper-proof since it is difficult for malicious actors to insert symbols into a data block without detection. On the other hand, block ciphers have a high error propagation rate since a one-bit change in the original plaintext results in entirely different ciphertext blocks.

Several block cipher modes of operation have been developed to enable the encryption of multiple blocks of long data. These modes fall into two categories:
Confidentiality-only and Authenticated encryption with additional data modes.

The Confidentiality-only cipher mode of operation focuses on keeping communication between two parties private. These modes include:

Authenticated encryption with additional data – This mode of operation for block ciphers ensures data authenticity and confidentiality. This mode can be further sub-divided into:

Block ciphers form the basis of most modern cipher suites. Some commonly used block cipher encryption standards include:

Data Encryption Standard (DES)
A 56-bit symmetric key algorithm was initially used to protect sensitive, confidential information. DES has since been withdrawn due to short key length and other security concerns but is still viewed as a pioneer encryption standard.

Advanced Encryption Standard (AES)
A popular block cipher that encrypts data in blocks of 128 bits using 128, 192, and 256-bit symmetric keys. The underlying block cipher uses substitution-permutation and transposition techniques to produce ciphertext by shuffling and replacing input data in a sequence of linked computations. AES is a globally accepted encryption standard since cryptanalysis efforts against its algorithms have been unsuccessful.

Twofish
Twofish is an encryption standard that uses a Feistel network, a complex key schedule, and substitution techniques to separate the key and ciphertext. The standard encrypts plaintext data in blocks of 128 bits, with flexible key sizes between 128 and 256 bits long.

Other encryption schemes that use block ciphers include 3DES, Serpent, and Blowfish, among others.

What are Stream Ciphers?
A stream cipher encrypts a continuous string of binary digits by applying time-varying transformations on plaintext data. Therefore, this type of encryption works bit-by-bit, using keystreams to generate ciphertext for arbitrary lengths of plaintext messages. The cipher combines a key (128/256 bits) and a nonce digit (64-128 bits) to produce the keystream — a pseudorandom number XORed with the plaintext to produce ciphertext. While the key and the nonce can be reused, the keystream has to be unique for each encryption iteration to ensure security. Stream encryption ciphers achieve this using feedback shift registers to generate a unique nonce (number used only once) to create the keystream.

Encryption schemes that use stream ciphers are less likely to propagate system-wide errors since an error in the translation of one bit does not typically affect the entire plaintext block. Stream encryption also occurs in a linear, continuous manner, making it simpler and faster to implement. On the other hand, stream ciphers lack diffusion since each plaintext digit is mapped to one ciphertext output.
Additionally, they do not validate authenticity, making them vulnerable to insertions. If hackers break the encryption algorithm, they can insert or modify the encrypted message without detection. Stream ciphers are mainly used to encrypt data in applications where the amount of plaintext cannot be determined and in low-latency use cases.

Types of Stream Ciphers
Stream ciphers fall into two categories:

Synchronous stream ciphers
In a synchronous stream cipher, the keystream block is generated independently of the previous ciphertext and plaintext messages. The most common stream cipher modes use pseudorandom number generators to create a string of bits and combine it with the key to form the keystream, which is XORed with the plaintext to generate the ciphertext.

Self-synchronizing/asynchronous stream ciphers
A self-synchronizing stream cipher, also known as ciphertext autokey, generates the keystream block as a function of the symmetric key and fixed size (N-bits) of the previous ciphertext block. Altering the ciphertext alters the content of the next keystream so that asynchronous stream ciphers can detect active attacks. These ciphers also offer limited error propagation since a single-digit error can affect N bits at most.

Examples of Stream Ciphers
Popular encryption schemes that use stream ciphers include:

Rivest Cipher (RC4)
RC4/ARC4/ARCFOUR is a fast, simple encryption algorithm developed in 1987 to implement byte-by-byte encryption using 64- or 128-bit keys. RC4 is widely used in Transport Layer Security, Secure Sockets Layer, and the IEEE 802.11 WLAN standard. The popular encryption scheme comes in various flavors, including SPRITZ, RC4A, and RC4A+, among others.

Salsa20
Salsa20 is an efficient, modern encryption cipher that relies on an expansion function to produce the encryption keystream. In addition, Salsa20 depends on a core function that maps the key, a nonce digit, and constant vectors extracted from the expansion function to the keystream using add-rotate-XOR (ARX) operations.

Software-optimized Encryption Algorithm (SEAL)
SEAL is an additive binary stream cipher optimized for machines with 32-bit CPUs and sufficient memory resources. The encryption standard relies on a pseudorandom family that uses a length-increasing function and a 160-bit key to map the 32-bit string to a string of any length.

Other examples of stream ciphers include PANAMA, Scream, Rabbit, HC-256, and Grain, among others.

Key Differences Between Block and Stream Ciphers

Bit conversion
Block ciphers transform plaintext 1 block (64/128/256 bits) at a time, while stream ciphers convert plaintext to ciphertext 1 byte at a time. This makes block ciphers slower since an entire block has to be accumulated before the data is encrypted/decrypted. In contrast, stream ciphers encrypt bits of data into individual symbols one at a time.

Translation principle
Stream ciphers utilize only the confusion principle to transform data, ensuring data confidentiality. On the other hand, block ciphers use data diffusion and confusion to encrypt plaintext. Block ciphers can, therefore, be used to implement authenticated encryption for enhanced security.

Reversibility
Stream ciphers use an XOR operation on the plaintext to create ciphertext. Stream-based encryption is easily reversed by XORing the ciphertext outputs. Block ciphers encrypt more bits at a time, making the decryption comparatively complex.
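The keystream XOR from the stream cipher section, together with the two weaknesses the article names (a keystream that is not unique, and no authenticity check), as an added Python example that is not from the original article. The SHAKE-256 keystream generator is a constructed stand-in for a real stream cipher, the HMAC tag is one common way to add the missing integrity check, and all names and sample messages are assumptions.

```python
import hashlib
import hmac

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Constructed stand-in for a stream cipher: SHAKE-256 over key || nonce.
    return hashlib.shake_256(key + nonce).digest(length)

def stream_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Encryption and decryption are the same operation: XOR with the keystream.
    return xor(data, keystream(key, nonce, len(data)))

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    # If key and nonce repeat, the keystream cancels out: c1 ^ c2 == p1 ^ p2.
    return xor(c1, c2)

def seal(enc_key, mac_key, nonce, plaintext):
    # Encrypt, then authenticate nonce and ciphertext with a separate key.
    ct = stream_crypt(enc_key, nonce, plaintext)
    return ct, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_sealed(enc_key, mac_key, nonce, ct, tag):
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext or nonce was modified")
    return stream_crypt(enc_key, nonce, ct)

if __name__ == "__main__":
    key, mac_key = b"k" * 32, b"m" * 32                # constructed sample keys
    p1, p2 = b"transfer 100 EUR", b"meeting at 10:00"  # constructed messages
    c1, c2 = stream_crypt(key, b"nonce-01", p1), stream_crypt(key, b"nonce-01", p2)
    print("reused nonce leaks p1^p2:", reuse_leak(c1, c2) == xor(p1, p2))
    ct, tag = seal(key, mac_key, b"nonce-02", p1)
    changed = bytes([ct[0] ^ 1]) + ct[1:]              # one bit altered in transit
    print("silent change:", stream_crypt(key, b"nonce-02", changed))
    try:
        open_sealed(key, mac_key, b"nonce-02", changed, tag)
    except ValueError as exc:
        print("detected:", exc)
```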
Which of the following ciphers are the block ciphers?
AES, DES, and 3DES are examples of block ciphers.

Which are four block cipher modes of operations used in cryptography?
There are several kinds of modes of using block ciphers. The most studied four are the Electronic Codebook (ECB) mode, the Cipher Block Chaining (CBC) mode, the Cipher Feedback Chaining (CFB) mode, and the Output Feedback Chaining (OFB) mode [216].

What are block ciphers in cryptography?
A block cipher is a method of encrypting data in blocks to produce ciphertext using a cryptographic key and algorithm. The block cipher processes fixed-size blocks simultaneously, as opposed to a stream cipher, which encrypts data one bit at a time.

Which one is considered as a disadvantage of block cipher?
They have the disadvantage of slower encryption speed since the entire block must be captured for encryption/decryption. Block ciphers also breed errors since a mistake in just one symbol could alter the whole block.