DES (Data Encryption Standard) and AES (Advance Encryption Standard) are both block ciphers. The message is broken into blocks and each block is encrypted and then it is put back together, with padding added if the message is smaller than a block.

To improve the encryption, each block is jumbled multiple times with a different key (DES 16x). DES uses a Feistel network, which relies on XOR (exclusive or). XOR has some interesting mathematical properties:

• the result will always be the same length as the inputs
• if you XOR a result by an input, you will get the other input (eg: 10 XOR 12 XOR 10 = 12)
• If you XOR any number with a random number, the result will be random

These are useful for encryption and decryption. But note we convert inputs to binary first. AES doesn’t use a Feistel Network, it uses an SP network (Substitution Permutation Networks), to encrypt the blocks.

Block structure

Splitting plaintext into blocks is easy, but how do we join them back together? The way blocks are connected is known as the block mode. There are three block modes:

Electronic code block (ECB)

This is the most basic and includes repeats. It is like a code book and is too easy to crack because although things change, patterns are repeated and relationships in the message remain (eg the Linux penguin)

DO NOT USE ECB!

Cipher Book Chaining (CBC)

Each blocks plain text is XOR’d with the previous ciphertext, then encrypted, with an Initialisation Vector used for the first block (there’s no previous block to XOR with). To decrypt, it is XOR’d in reverse – so elegant! But – it’s needs to be done block after block, sequence is important.

Counter Mode (CTR)

This is great, the plain text is not even encrypted! I love this. A counter is encrypted, then XOR’s with the plain text. Decryption is the same process, but the cipertext is XOR’d with an encrypted counter. Counter mode blocks can be encrypted/decrypted in parallel because they do not rely on the previous block as an input.

Stream Cipher

A stream cipher is an alternative to block ciphers. Like the name implies is done on data as it is transmitted, they retain positioning and are used for protocols such as WEP and WPA, Wifi and TV broadcasts. The stream is XOR’d with a random string. The receiver has the same random number generator (lol, random), this is then XOR’d with the ciphertext for decryption.

Reflection

Block Modes are the way that messages are broken into blocks, encrypted and put back together. XOR is XORsome! It provides an elegant way of reversing an encryption. CTR blockmode is great because it is secure and allows parallel processing, but it relies on both ends using the same counter and key. Cipher Block Chaining (CBC) needs to be done sequentially but only requires a shared key.