📝Cipher Block Chaining (CBC)

tags

§ Cryptography

• A block cipher mode of operation that fixes many issues of ECB:

  • hides data patterns

  • randomizes encryption process, so encrypting the same input twice produces different results (given the IV is unique).

• Algorithm:

  • Xor Initialization Vector with the plaintext before encryption of the first block.

  • Use ciphertext of the first block as IV for the next block encryption.

• Using ciphertext of one block to encrypt the next implies that encryption can not be parallelized.

• CBC also requires block padding.

• CBC requires a unique IV for every new encryption operation, which should be unpredictable at time of encryption. (See TLS CBC IV attack).

• Note that during decryption, the IV is only used for the first block. The rest of the blocks use ciphertext of the previous block (which is known).

  • That means that if invalid IV is supplied during the decryption, only the first block is corrupted. The rest of the blocks are decrypted correctly (given encryption key is known).

    • Explicit Initialization Vectors uses this property by prepending a single random block to the plaintext. Then, the first block of ciphertext can be safely discarded (and IV does not need to be communicated).

  • This also means that decryption can be performed in parallel.

See also:

• Propagating Cipher Block Chaining (PCBC)