![\"Tux.jpg\"](\"https:\/\/i0.wp.com\/scientopia.org\/img-archive\/goodmath\/img_322.jpg?resize=196%2C216\")
\n
![\"Tux_ecb.jpg\"](\"https:\/\/i0.wp.com\/scientopia.org\/img-archive\/goodmath\/img_323.jpg?resize=196%2C216\")
<\/p>\n Where encryption starts getting really interesting, in my opinion, is
\nblock ciphers. Block ciphers are a general category of ciphers that
\nare sort of a combination of substitution and transposition ciphers, and
\nsort of something entirely different. They’re really fascinating
\nthings, but they’re pretty complicated.<\/p>\n
\n<\/p>\n
The basic core of block ciphers is encryption of blocks. A block is <\/p>\n The ideal block cipher will have the properties that:<\/p>\n What happens to the block? It depends a lot on the particular block cipher. But in Of course, there’s a huge problem with the description so far, even given how You were expecting me to say something like “output them”, right? Sorry. Not that So, given a message that consists of multiple blocks, you don’t want to just naively I hate the term “Mode of operation”. It’s one of those terms that’s so mundane that it The naive method of just encrypting each block separately and concatenating them is a As I get to real examples of block ciphers, I’ll describe more modes of operation, but I’ll use one here: the cipher-block chaining MoO. In cipher-block chaining (CBC) mode, The selection of a mode of operation is critical for ensuring that the encryption In particular, most of the basic MoOs can provide either<\/em> message The first major standardized block cipher was called DES, for “data encryption standard”. It was a variation on one of the first published block ciphers, an IBM system called lucifer<\/em>. In the next post, I’ll describe the DEA – the data encryption algorithm of the DES. It’s a pretty typical example of a block cipher. It’s fairly complicated, and so it deserves a post of its own to describe its Where encryption starts getting really interesting, in my opinion, is block ciphers. Block ciphers are a general category of ciphers that are sort of a combination of substitution and transposition ciphers, and sort of something entirely different. They’re really fascinating things, but they’re pretty complicated. The basic core of block ciphers is encryption of blocks. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[84],"tags":[],"class_list":["post-678","post","type-post","status-publish","format-standard","hentry","category-encryption"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p4lzZS-aW","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"http:\/\/www.goodmath.org\/blog\/wp-json\/wp\/v2\/posts\/678","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.goodmath.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.goodmath.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.goodmath.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.goodmath.org\/blog\/wp-json\/wp\/v2\/comments?post=678"}],"version-history":[{"count":0,"href":"http:\/\/www.goodmath.org\/blog\/wp-json\/wp\/v2\/posts\/678\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.goodmath.org\/blog\/wp-json\/wp\/v2\/media?parent=678"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.goodmath.org\/blog\/wp-json\/wp\/v2\/categories?post=678"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.goodmath.org\/blog\/wp-json\/wp\/v2\/tags?post=678"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\na fixed-length series of bits. The basic cipher is a pair of functions (E,E-1<\/sup>), where E (the encryption function<\/em>) takes a block B and a key K, and generates a new block B’=E(K,B), which is the encrypted form of the block; and E-1<\/sup> (the decryption<\/em> function) takes a key and an encrypted block, and returns the original plaintext block: B=E-1<\/sup>(K,B’).<\/p>\n\n
\nwill differ by much more than one bit.<\/li>\n
\nand E-1<\/sup>(K,B)<\/li>\n
\nthe encryption key, or the plaintext block.<\/li>\n<\/ol>\n
\ngeneral, it’s treated as a set of sub-blocks, which are, in turn, treated as a sort of
\nlarge alphabet. The block is encrypted using what amounts to some substitutions, and some
\ntranspositions, performed in sequence. In many block ciphers, there’s a fairly simple
\nbasic mechanism for substitution and transposition, which is repeated multiple times to
\nproduce a final result. The specific set of substitutions and transpositions is determined
\nboth by the specifics of the block cipher being used, and<\/em> by the encryption key
\nused for the message. So the way that the key gets incorporated in the encryption of a
\nsingle block in a block cipher is by selecting the particular sequence of substitutions
\nand transpositions on the elements of the block.<\/p>\n
\nincomplete it is. Not all messages that we want to encrypt are the same size, but we’ve
\nonly described the basic idea of encrypting a single block! Filling in that gap makes it
\nclear why this kind of crypto is called a block cipher. Take a message of arbitrary size,
\nS. To encrypt it with a block cipher with block size B, you break the message into
\n⌈S\/B⌉ blocks, padding out the last block in some way to make it full. Then you
\nencrypt the blocks individually one at a time, and then…<\/p>\n
\nsimple. There’s another little trick for block ciphers. You don’t really just
\ndo the blocks in sequence, and then combine them. You usually add something: some kind of feedback between the blocks, some kind of transposition to re-order them, etc. Without that, you can get really poor results. Wikipedia has a fantastic example of what happens if you naively just encrypt each block, without any feedback or transposition. The
\nfirst figure to the right is a bitmap image of Tux the Linux penguin without any encryption. The second image is the Tux bitmap, encrypted with a block cipher without
\nany feedback or transposition. <\/p>\n
\nencode them and combine them into a message. In fact, there’s no one answer to “How do you
\ngenerate the encrypted blocks and put them together to produce the ciphertext?” The answer
\ndepends on something called the ciphers mode of operation<\/em>.<\/p>\n
\ndoesn’t sound like it describes something important or technical. It sounds like
\nIBM-manager-speak for trying to pad out a description, to make it sound deep. You know,
\nlike when a manager says “form-factor” instead of “size”. But it really is something very
\nimportant. There are two key functions performed by the mode of operation (hereafter
\n“MoO”): the first, I’ve already mentioned: re-assemble the separately encrypted blocks to
\nproduce a ciphertext message. The second is to provide an extra layer of security. Used
\nnaively, two identical blocks of cleartext will produce two identical blocks of
\nciphertext. That’s bad: it gives someone trying to crack the message a major clue about
\nthe structure of the message. The mode of operation can define some kind of additional
\nstate mechanism which will alter the ciphertext, so that even identical blocks of
\nplaintext will generate different blocks of ciphertext. <\/p>\n
\nvalid mode of operation, called the electronic codebook (ECB) MoO – it’s just a lousy one
\nthat no one in their right mind would use, because it provides such pathetic security.<\/p>\n
\nyou maintain a state vector the size of a block. You initialize that with something
\ncomputed from the encryption key. Then, for each block, you first do a bitwise exclusive-or of the plaintext<\/em> block with the state vector. Then you encrypt the modified plaintext, and set the state vector to the value of the encrypted block. So
\nin CBC mode, the blocks are output in sequence, but the ciphertext of each
\nblock depends on the encryption key, the cleartext, and the ciphertext of the previous
\nblock.<\/p>\n
\nsystem works appropriately for your application. Selecting an appropriate MoO involves some fairly hairy tradeoffs between (among others):<\/p>\n\n
\nintegrity (meaning that you can be confident that you got the complete message without
\nerrors or tampering), or message confidentiality (meaning that you can be confident
\nthat no one other that the intended recipient received the message). Basic MoOs
\ncan’t provide both.<\/p>\n
\nbasic mechanism, and its modes of operation.<\/p>\n","protected":false},"excerpt":{"rendered":"