Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Block cipher mode of operation
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{short description|Cryptography algorithm}} {{Redirect|Mode of operation|"method of operation"|Modus operandi}} [[File:BlockCipherModesofOperation.svg|400px|thumb|right|Six common block cipher modes of operation for encrypting]] In cryptography, a '''block cipher mode of operation''' is an algorithm that uses a [[block cipher]] to provide [[information security]] such as [[confidentiality]] or [[authentication|authenticity]].<ref name="NIST-BLOCK-CIPHER-MODES"> {{cite web |author = NIST Computer Security Division's (CSD) Security Technology Group (STG) |title = Block cipher modes |year = 2013 |work = Cryptographic Toolkit |publisher = NIST |url = http://csrc.nist.gov/groups/ST/toolkit/BCM/index.html |access-date = April 12, 2013 |url-status = live |archive-url = https://web.archive.org/web/20121106212417/http://csrc.nist.gov/groups/ST/toolkit/BCM/index.html |archive-date = November 6, 2012 }}</ref> A block cipher by itself is only suitable for the secure cryptographic transformation (encryption or decryption) of one fixed-length group of [[bit]]s called a [[Block (data storage)|block]].<ref name="FERGUSON"> {{Cite book | author1 = Ferguson, N. | author2 = Schneier, B. | author3 = Kohno, T. | year = 2010 | title = Cryptography Engineering: Design Principles and Practical Applications | publisher = Wiley Publishing, Inc. | location = Indianapolis | isbn = 978-0-470-47424-2 | pages = 63, 64 }}</ref> A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.<ref name="NIST-PROPOSED-MODES"> {{cite web |author = NIST Computer Security Division's (CSD) Security Technology Group (STG) |title = Proposed modes |year = 2013 |work = Cryptographic Toolkit |publisher = NIST |url = http://csrc.nist.gov/groups/ST/toolkit/BCM/modes_development.html |access-date = April 14, 2013 |url-status = live |archive-url = https://web.archive.org/web/20130402203904/http://csrc.nist.gov/groups/ST/toolkit/BCM/modes_development.html |archive-date = April 2, 2013 }}</ref><ref name="HAC"> {{cite book |author1 = Alfred J. Menezes |author2 = Paul C. van Oorschot |author3 = Scott A. Vanstone |title = Handbook of Applied Cryptography |publisher = CRC Press |year = 1996 |isbn = 0-8493-8523-7 |pages = [https://archive.org/details/handbookofapplie0000mene/page/228 228โ233] |url = https://archive.org/details/handbookofapplie0000mene/page/228 |url-access = registration }}</ref><ref name="ISO-10116"> {{Cite journal |title = ISO/IEC 10116:2006 โ Information technology โ Security techniques โ Modes of operation for an ''n''-bit block cipher |journal = ISO Standards Catalogue |url = http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=38761 |year = 2006 |url-status = live |archive-url = https://web.archive.org/web/20120317153312/http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=38761 |archive-date = 2012-03-17 }}</ref> Most modes require a unique binary sequence, often called an [[initialization vector]] (IV), for each encryption operation. The IV must be non-repeating, and for some modes must also be random. The initialization vector is used to ensure that distinct [[ciphertext]]s are produced even when the same [[plaintext]] is encrypted multiple times independently with the same [[Key (cryptography)|key]].<ref>{{Citation|last1=Conrad|first1=Eric|title=Chapter 3 - Domain 3: Security engineering|date=2017-01-01|url=http://www.sciencedirect.com/science/article/pii/B9780128112489000036|work=Eleventh Hour CISSPยฎ (Third Edition)|pages=47โ93|editor-last=Conrad|editor-first=Eric|publisher=Syngress|language=en|doi=10.1016/b978-0-12-811248-9.00003-6|isbn=978-0-12-811248-9|access-date=2020-11-01|last2=Misenar|first2=Seth|last3=Feldman|first3=Joshua|editor2-last=Misenar|editor2-first=Seth|editor3-last=Feldman|editor3-first=Joshua|url-access=subscription}}</ref> Block ciphers may be capable of operating on more than one [[Block size (cryptography)|block size]], but during transformation the block size is always fixed. Block cipher modes operate on whole blocks and require that the final data fragment be [[Padding (cryptography)|padded]] to a full block if it is smaller than the current block size.<ref name="FERGUSON"/> There are, however, modes that do not require padding because they effectively use a block cipher as a [[stream cipher]]. Historically, encryption modes have been studied extensively in regard to their error propagation properties under various scenarios of data modification. Later development regarded [[integrity protection]] as an entirely separate cryptographic goal. Some modern modes of operation combine [[confidentiality]] and [[authentication|authenticity]] in an efficient way, and are known as [[authenticated encryption]] modes.<ref name="NIST-CURRENT-MODES"> {{cite web |author = NIST Computer Security Division's (CSD) Security Technology Group (STG) |title = Current modes |year = 2013 |work = Cryptographic Toolkit |publisher = NIST |url = http://csrc.nist.gov/groups/ST/toolkit/BCM/current_modes.html |access-date = April 12, 2013 |url-status = live |archive-url = https://web.archive.org/web/20130402203842/http://csrc.nist.gov/groups/ST/toolkit/BCM/current_modes.html |archive-date = April 2, 2013 }}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)