Basic Concepts

Traditional Secret-key Cryptography


Traditional cryptography uses a single key to encrypt and decrypt a message. An algorithm that uses the same key to encrypt and decrypt is called symmetric.


This type of cryptography also deals with authentication, the main technique being the creation and verification of message authentication codes (MACs).


The difficulty with secret-key cryptosystems is sharing a key between the sender and receiver without anyone else compromising it.  In a system supporting a large number of users the key management problems can become very severe.


The advantage of traditional cryptography is that it is usually much faster than public-key cryptography.


The main techniques are:


  • Block Ciphers
  • Stream Ciphers
  • Message Authentication Codes



Block Ciphers


A block cipher transforms a fixed-length block of plaintext into a block of ciphertext of the same length, using a secret key. To decrypt, the reverse process is applied to the ciphertext block using the same secret key.


In the case of DES, the block size is 64 bits (8 bytes) and the key is 56 bits presented as 8 bytes, the low order bit of each byte being ignored. It is usual to set every 8th bit so that each byte contains an odd number of set bits. This process is known as DES key parity adjustment.
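The parity adjustment described above can be written in a few lines. This is an added example, not part of the original article; the function names and the sample key are constructed for illustration.

```python
def adjust_parity(key: bytes) -> bytes:
    """Set the low-order bit of each byte so that the byte has odd parity."""
    if len(key) != 8:
        raise ValueError("a DES key is presented as 8 bytes")
    out = bytearray()
    for b in key:
        ones = bin(b >> 1).count("1")            # set bits among the 7 key bits
        parity_bit = 1 if ones % 2 == 0 else 0   # make the total count odd
        out.append((b & 0xFE) | parity_bit)
    return bytes(out)

def has_odd_parity(key: bytes) -> bool:
    """True when every byte contains an odd number of set bits."""
    return all(bin(b).count("1") % 2 == 1 for b in key)

def effective_key(key: bytes) -> int:
    """The 56 bits that matter: the top 7 bits of each byte, packed in byte order."""
    value = 0
    for b in key:
        value = (value << 7) | (b >> 1)
    return value

RAW = bytes.fromhex("0022446688aaccee")  # constructed sample key, parity not yet set

if __name__ == "__main__":
    fixed = adjust_parity(RAW)
    print(RAW.hex(), "->", fixed.hex(), "odd parity:", has_odd_parity(fixed))
    # The low-order bits are ignored, so both forms carry the same 56-bit key.
    print("same effective key:", effective_key(RAW) == effective_key(fixed))
```
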


To use a block cipher to encrypt data of arbitrary length, we can use one of the following techniques (or modes of operation):


  • Electronic Code Book (ECB)
  • Cipher Block Chaining (CBC)
  • Cipher Feedback (CFB)
  • Output Feedback (OFB)



Most good block ciphers transform the secret key into a number of sub keys and the data is encrypted by a process that has several rounds (iterations) each round using a different sub key.  The set of sub keys is known as the key schedule.  In the case of DES the secret key is transformed into 16 sub keys and consequently DES takes 16 rounds to perform an encryption.



Electronic Code Book


In ECB mode, each block of data is encrypted independently.


If we take eK(D) to mean “encrypt block D with key K”, then the plaintext D1, D2, D3, …, Dn is encrypted as eK(D1), eK(D2), …, eK(Dn).


The trouble with ECB mode is that plaintext patterns show up in the ciphertext, because each identical block of plaintext gives an identical block of ciphertext. This can lead to attacks based on rearranging, deleting or repeating ciphertext blocks.


ECB mode should only be used for encrypting very small blocks of data such as keys.



Cipher Block Chaining


In CBC mode each plaintext block is XOR’d with the previous ciphertext block before it is encrypted. Because there is no previous ciphertext for the first block, an 8-byte block known as the Initial Chaining Value (ICV) is used to start the process.


Patterns in the plaintext are hidden by the exclusive-OR.  The ICV should be different for any messages encrypted with the same key, but it does not have to be kept secret and can be transmitted with the encrypted text.


If the total length of the plaintext is not a multiple of 8, it is necessary to deal with the final short block.  The obvious way to do this is to pad out the last block to 8 bytes, but the final block must contain a count of the number of filler bytes, so the message length is always increased, by up to 8 bytes.  If this increase in length is not acceptable, a solution is to re-encipher the last complete ciphertext block (or, if there isn’t one, the ICV) and XOR the short block with the result.



Cipher Feedback


In CFB mode the previous ciphertext block is encrypted and is XOR’d with the plaintext to give the current ciphertext block. As with CBC mode, an ICV is needed to start the process. 


As well as full 64-bit feedback, it is possible to define 1-bit, 2-bit, and up to 63-bit cipher feedback. In software implementations there is no advantage over CBC mode, though CFB is often used in link encryption devices.



Output Feedback


OFB is similar to CFB mode except that the ciphertext XOR’d with each plaintext block is independent of the plaintext and ciphertext and is produced by repeatedly encrypting the ICV.


The advantage of OFB mode is that transmission errors are not propagated and do not affect decryption of blocks that follow.  It is therefore a useful method for encryption of satellite links where re-transmission of a corrupted message would be inconvenient.
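The ECB, CBC and OFB descriptions above can be compared side by side. This is an added example, not part of the original article: it assumes a toy 64-bit Feistel cipher in place of DES (illustration only, not secure), and the key, ICV and message are constructed sample values.

```python
import hashlib
BLOCK = 8  # 64-bit block, the DES block size used in the text

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_cipher(key, block, decrypt=False):  # toy Feistel for eK: NOT DES, not secure
    left, right = block[:4], block[4:]
    for r in (range(3, -1, -1) if decrypt else range(4)):
        f = hashlib.sha256(key + bytes([r]) + right).digest()[:4]
        left, right = right, xor(left, f)
    return right + left  # final swap lets decryption reuse the same loop

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):  # each block independently: eK(D1), eK(D2), ...
    return b"".join(toy_cipher(key, d) for d in blocks(pt))

def cbc_encrypt(key, icv, pt):
    out, prev = [], icv
    for d in blocks(pt):
        prev = toy_cipher(key, xor(d, prev))  # XOR with previous ciphertext
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, icv, ct):
    out, prev = [], icv
    for c in blocks(ct):
        out.append(xor(toy_cipher(key, c, decrypt=True), prev))
        prev = c
    return b"".join(out)

def ofb_crypt(key, icv, data):  # same call encrypts and decrypts
    out, stream = [], icv
    for d in blocks(data):
        stream = toy_cipher(key, stream)  # keystream: re-encrypt the ICV
        out.append(xor(d, stream))
    return b"".join(out)

def flip_first_bit(ct):  # simulate a one-bit transmission error
    return bytes([ct[0] ^ 0x80]) + ct[1:]

KEY, ICV = b"constructed key", bytes(range(8))  # constructed sample values
PT = b"PAY 100 " * 3 + b"TO ALICE"             # three identical 8-byte blocks

for name, ct in (("ECB", ecb_encrypt(KEY, PT)), ("CBC", cbc_encrypt(KEY, ICV, PT))):
    print(name, [b.hex() for b in blocks(ct)])
print("OFB, 1 bit hit:", ofb_crypt(KEY, ICV, flip_first_bit(ofb_crypt(KEY, ICV, PT))))
print("CBC, 1 bit hit:", cbc_decrypt(KEY, ICV, flip_first_bit(cbc_encrypt(KEY, ICV, PT))))
```

The first three ECB blocks print identically while all four CBC blocks differ. After the simulated error, OFB returns the message with only the struck bit wrong, whereas CBC loses the whole first block and has the same bit flipped in the second.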



Stream Ciphers


Stream ciphers are typically much faster than block ciphers. A stream cipher generates a key stream (a sequence of bits or bytes used as a key). The plaintext is combined with the key stream, usually with the XOR operation.


Generating the key stream may be independent of the plaintext and ciphertext, to give a synchronous stream cipher. Alternatively it may depend on the ciphertext, in which case the stream cipher is self-synchronizing. Nearly all stream ciphers are of the synchronous type.


There is no “standard” stream cipher, and in general stream ciphers are best avoided. Certain modes of operation of a block cipher transform it into a keystream generator and so any block cipher can be used as a stream cipher. Examples are DES in CFB or OFB modes.


GT Browne



© Copyright 2004. Papers, ISO 17799, ITIL, Sarbanes-Oxley, Etal