Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Block size (cryptography)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{More citations needed|date=November 2024}} In modern [[cryptography]], [[symmetric key algorithm|symmetric key]] [[cipher]]s are generally divided into [[stream cipher]]s and [[block cipher]]s. [[Block cipher]]s operate on a fixed length string of [[bit]]s. The length of this bit string is the '''block size'''.<ref>{{Cite web |title=Block size |url=https://csrc.nist.gov/glossary/term/block_size}}</ref> Both the input ([[plaintext]]) and output ([[ciphertext]]) are the same length; the output cannot be shorter than the input{{snd}} this follows logically from the [[pigeonhole principle]] and the fact that the cipher must be reversible{{snd}}and it is undesirable for the output to be longer than the input. Until the announcement of [[NIST]]'s [[Advanced Encryption Standard process|AES contest]], the majority of block ciphers followed the example of the [[Data Encryption Standard|DES]] in using a block size of 64 bits (8 [[BytesForAll|bytes]]). However, the [[birthday problem|birthday paradox]] indicates that after accumulating several blocks equal to the [[square root]] of the total number possible, there will be an approximately 50% chance of two or more being the same, which would start to leak information about the message contents. Thus even when used with a proper [[block cipher modes of operation|encryption mode]] (e.g. CBC or OFB), only 2<sup>32</sup> Γ 8 B = 32 GB of data can be safely sent under one key.{{Citation needed|date=May 2011}} In practice a greater margin of security is desired, restricting a single key to the encryption of much less data β say a few hundred megabytes. At one point that seemed like a fair amount of data, but today it is easily exceeded. If the [[block cipher modes of operation|cipher mode]] does not properly randomise the input, the limit is even lower. Consequently, AES candidates were required to support a block length of 128 bits (16 bytes). This should be acceptable for up to 2<sup>64</sup> Γ 16 B = 256 [[exabyte]]s of data, and would suffice for many years after introduction. The winner of the AES contest, [[Rijndael]], supports block and key sizes of 128, 192, and 256 bits, but in AES the block size is always 128 bits. The extra block sizes were not adopted by the [[Advanced Encryption Standard|AES]] standard. Many block ciphers, such as [[RC5]], support a variable block size. The [[Feistel cipher|Luby-Rackoff]] construction and the [[Richard Outerbridge|Outerbridge]] construction can both increase the effective block size of a cipher. [[Joan Daemen]]'s [[3-Way]] and [[BaseKing]] have unusual block sizes of 96 and 192 bits, respectively. == See also == * [[Ciphertext stealing]] * [[Format-preserving encryption]] ==References== {{reflist}} {{Cryptography navbox | block}} [[Category:Symmetric-key cryptography]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)
Pages transcluded onto the current version of this page
(
help
)
:
Template:Citation needed
(
edit
)
Template:Cite web
(
edit
)
Template:Cryptography navbox
(
edit
)
Template:More citations needed
(
edit
)
Template:Reflist
(
edit
)
Template:Snd
(
edit
)