Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Block cipher mode of operation
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Padding== {{Main|Padding (cryptography)}} A [[block cipher]] works on units of a fixed [[block size (cryptography)|size]] (known as a ''block size''), but messages come in a variety of lengths. So some modes (namely [[Block cipher modes of operation#ECB|ECB]] and [[Block cipher modes of operation#CBC|CBC]]) require that the final block be padded before encryption. Several [[padding (cryptography)|padding]] schemes exist. The simplest is to add [[Null character|null bytes]] to the [[plaintext]] to bring its length up to a multiple of the block size, but care must be taken that the original length of the plaintext can be recovered; this is trivial, for example, if the plaintext is a [[C (programming language)|C]] style [[Literal string|string]] which contains no null bytes except at the end. Slightly more complex is the original [[Data Encryption Standard|DES]] method, which is to add a single one [[bit]], followed by enough zero [[bit]]s to fill out the block; if the message ends on a block boundary, a whole padding block will be added. Most sophisticated are CBC-specific schemes such as [[ciphertext stealing]] or [[residual block termination]], which do not cause any extra ciphertext, at the expense of some additional complexity. [[Bruce Schneier|Schneier]] and [[Niels Ferguson|Ferguson]] suggest two possibilities<!-- Practical Crypto, sect 5.1 -->, both simple: append a byte with value 128 (hex 80), followed by as many zero bytes as needed to fill the last block, or pad the last block with ''n'' bytes all with value ''n''. CFB, OFB and CTR modes do not require any special measures to handle messages whose lengths are not multiples of the block size, since the modes work by [[Exclusive or|XORing]] the plaintext with the output of the block cipher. The last partial block of plaintext is XORed with the first few bytes of the last [[keystream]] block, producing a final ciphertext block that is the same size as the final partial plaintext block. This characteristic of stream ciphers makes them suitable for applications that require the encrypted ciphertext data to be the same size as the original plaintext data, and for applications that transmit data in streaming form where it is inconvenient to add padding bytes.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)