Block cipher
===Iterated block ciphers===
Most block cipher algorithms are classified as ''iterated block ciphers'', which means that they transform fixed-size blocks of [[plaintext]] into identically sized blocks of [[ciphertext]] via the repeated application of an invertible transformation known as the ''round function'', with each iteration referred to as a ''round''.<ref>{{cite book|author1=Junod, Pascal |author2=Canteaut, Anne|author2-link=Anne Canteaut |name-list-style=amp |title=Advanced Linear Cryptanalysis of Block and Stream Ciphers|publisher=IOS Press|year=2011|isbn=9781607508441|page=2|url=https://books.google.com/books?id=pMnRhjStTZoC&pg=PA2}}</ref>

Usually, the round function ''R'' takes different ''round keys'' ''K<sub>i</sub>'' as a second input, which are derived from the original key:<ref>{{cite book | first1 = Jean-Philippe | last1 = Aumasson | date = 6 November 2017 | title = Serious Cryptography: A Practical Introduction to Modern Encryption | publisher = No Starch Press | pages = 56 | isbn = 978-1-59327-826-7 | oclc = 1012843116 | url = https://books.google.com/books?id=W1v6DwAAQBAJ&pg=PA56}}</ref>
:<math>M_i = R_{K_i}(M_{i-1})</math>
where <math>M_0</math> is the plaintext and <math>M_r</math> the ciphertext, with ''r'' being the number of rounds.

Frequently, [[key whitening]] is used in addition to this. At the beginning and the end, the data is modified with key material (often with [[Exclusive or|XOR]]):
:<math>M_0 = M \oplus K_0</math>
:<math>M_i = R_{K_i}(M_{i-1})\; ; \; i = 1 \dots r</math>
:<math>C = M_r \oplus K_{r+1}</math>

Given one of the standard iterated block cipher design schemes, it is fairly easy to construct a block cipher that is cryptographically secure, simply by using a large number of rounds. However, this will make the cipher inefficient. Thus, efficiency is the most important additional design criterion for professional ciphers.
Further, a good block cipher is designed to avoid side-channel attacks, such as those exploiting branch prediction and input-dependent memory accesses, which might leak secret data via the cache state or the execution time. In addition, the cipher should be concise, allowing small hardware and software implementations.
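
The whitened iteration above, written out as an added example (it is not taken from the cited sources and is not a real cipher): a toy 16-bit cipher in Python with its inverse. The S-box is the 4-bit S-box of PRESENT; the SHA-256-based key schedule, the rotation amount and all function names are assumptions made for illustration, and the construction is not secure.

```python
import hashlib

# Toy 16-bit iterated block cipher: illustrates the structure only, NOT secure.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]   # PRESENT's 4-bit S-box
INV_SBOX = [SBOX.index(v) for v in range(16)]
MASK = 0xFFFF

def round_keys(key, r):
    """Assumed toy key schedule: K_0 .. K_{r+1}, each from SHA-256(key || i)."""
    return [int.from_bytes(hashlib.sha256(key + bytes([i])).digest()[:2], "big")
            for i in range(r + 2)]

def _sub(x, box):
    # Per-nibble table lookup. The index depends on secret data, which is the
    # input-dependent memory access the text warns about; hardened
    # implementations replace such lookups with constant-time logic.
    return sum(box[(x >> s) & 0xF] << s for s in (0, 4, 8, 12))

def _rotl(x, n):
    return ((x << n) | (x >> (16 - n))) & MASK

def R(k, m):
    """Round function R_K: key mixing, substitution, then bit rotation."""
    return _rotl(_sub(m ^ k, SBOX), 5)

def R_inv(k, m):
    """Inverse round: undo the rotation, the substitution, then the key mixing."""
    return _sub(_rotl(m, 11), INV_SBOX) ^ k

def encrypt(key, m, r=8):
    ks = round_keys(key, r)
    state = m ^ ks[0]                  # M_0 = M xor K_0 (whitening)
    for i in range(1, r + 1):
        state = R(ks[i], state)        # M_i = R_{K_i}(M_{i-1})
    return state ^ ks[r + 1]           # C = M_r xor K_{r+1} (whitening)

def decrypt(key, c, r=8):
    ks = round_keys(key, r)
    state = c ^ ks[r + 1]              # strip the final whitening key
    for i in range(r, 0, -1):          # rounds are undone in reverse order
        state = R_inv(ks[i], state)
    return state ^ ks[0]               # strip the initial whitening key

if __name__ == "__main__":
    key = b"constructed demo key"      # constructed sample input
    c = encrypt(key, 0x1234)
    print(hex(c), hex(decrypt(key, c)))
```

Because every step of the round function is invertible, decryption only has to apply the inverse rounds with the round keys in reverse order.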