Initialization vector
==Motivation==
[[File:Tux ECB.png|thumb|Insecure encryption of an image as a result of [[electronic codebook]] mode encoding.]]

A [[block cipher]] is one of the most basic [[cryptographic primitive|primitive]]s in cryptography, and is frequently used for data [[encryption]]. However, by itself, it can only be used to encode a data block of a predefined size, called the [[block size (cryptography)|block size]]. For example, a single invocation of the [[Advanced Encryption Standard|AES]] algorithm transforms a 128-bit [[plaintext]] block into a [[ciphertext]] block of 128 bits in size. The [[cryptographic key|key]], which is given as one input to the cipher, defines the mapping between plaintext and ciphertext. If data of arbitrary length is to be encrypted, a simple strategy is to split the data into blocks each matching the cipher's block size, and encrypt each block separately using the same key. This method is not secure, as equal plaintext blocks get transformed into equal ciphertexts, and a third party observing the encrypted data may easily determine its content even when not knowing the encryption key.

To hide patterns in encrypted data while avoiding the re-issuing of a new key after each block cipher invocation, a method is needed to [[randomization|randomize]] the input data. In 1980, the [[National Institute of Standards and Technology|NIST]] published a national standard document designated [[Federal Information Processing Standard]] (FIPS) PUB 81, which specified four so-called [[Block cipher mode of operation|block cipher modes of operation]], each describing a different solution for encrypting a set of input blocks. The first mode implements the simple strategy described above, and was specified as the [[electronic codebook]] (ECB) mode. In contrast, each of the other modes describes a process where ciphertext from one block encryption step gets intermixed with the data from the next encryption step. To initiate this process, an additional input value is required to be mixed with the first block, which is referred to as an ''initialization vector''. For example, the [[cipher-block chaining]] (CBC) mode requires an unpredictable value, of size equal to the cipher's block size, as additional input. This unpredictable value is added to the first plaintext block before subsequent encryption. In turn, the ciphertext produced in the first encryption step is added to the second plaintext block, and so on. The ultimate goal for encryption schemes is to provide [[semantic security]]: by this property, it is practically impossible for an attacker to draw any knowledge from observed ciphertext. It can be shown that each of the three additional modes specified by the NIST is semantically secure under so-called [[chosen-plaintext attack]]s.