Detailed explanation of symmetric block cipher algorithm encryption mode
In openssl or other password-related information, we often see that symmetric encryption algorithms have abbreviations for encryption modes such as ECB and CBC. What are these encryption modes? What is the difference between them? Today I will solve this mystery for you.
Among the existing symmetric encryption algorithms, there are mainly four encryption processing modes. These four encryption processing modes are generally for block encryption algorithms, such as the DES algorithm.
These 4 encryption modes are listed below:
Chinese description of the mode English name (Openssl abbreviation)
Electronic Code Book (ECB)
Encrypted Block Chaining Mode Cipher Block Chaining (CBC)
Encrypted Feedback Mode Cipher Feedback Mode (CFB)
Output Feedback Mode Output Feedback Mode (OFB)
Below we distinguish Introducing these 4 encryption modes.
[Electronic codebook mode]
This mode is the earliest and simplest mode. It divides the encrypted data into several groups. The size of each group is the same as the encryption key length, and then each group is encrypted with the same key. For example, DES algorithm, a 64-bit key, if this mode is used for encryption, the data to be encrypted is divided into each group of 64-bit data. If the last group is not enough 64-bit, then it will be filled to 64-bit, and then each group of data All are encrypted using a 64-bit key of the DES algorithm. Below:
_______________________
My name |is Drago|nKing
———————–
The sentence “My name is DragonKing” in the above picture has 8 characters each ( 64 bits) as a block, and then use the same 64-bit key to encrypt each block. If the last block is less than 64 bits, it is filled up and then encrypted.
It can be seen that because the key used in every 64 bits of the ECB method is the same, it is very easy to obtain the ciphertext for password cracking. In addition, because each 64 bits are independent of each other, sometimes there is no need to even crack the password, just a simple Replacing one of them can achieve hacking purposes.
[Encrypted Blockchain Mode]
This mode is as shown below:
P0 P1 C0 C1
| | | |
| | |—-| |—>…
IV—>XOR |—>XOR | —>… Key Dec | Dec
| | | | | | | |
| | | | |
Key Enc | Enc | IV—>XOR |—>XOR
|—–| | —–| | | |
| | |
C0 C1 P1 P2
encryption process decryption process
As you can see from these two figures, CBC mode encryption first divides the plaintext into fixed-length (64-bit) blocks (P0, P1…), and then combines the ciphertext output from the previous encryption block with the next The plaintext block to be encrypted is calculated by XOR (exclusive OR) operation, and the calculation result is encrypted with the key to obtain the ciphertext. When the first plaintext block is encrypted, because there is no encrypted ciphertext before it, an initialization vector (IV) is needed. Different from the ECB method, through the connection relationship, the ciphertext and plaintext are no longer in a one-to-one correspondence, making it more difficult to crack, and it overcomes attacks that may achieve the goal by simply swapping ciphertext blocks.
However, the disadvantage of this encryption mode is that it cannot decrypt in real time, that is to say, you must wait until every 8 bytes are received before you can start encryption, otherwise you will not get the correct result. This seems inappropriate when the real-time requirements are relatively high. That’s why there are the following two encryption modes.
[Encryption Feedback Mode]
In order to overcome the shortcoming of having to wait for all 8 bytes to be decrypted, the encryption feedback mode uses a 64-bit (8 bytes) shift register to obtain the ciphertext, as shown in the figure below:
C2|C3|C4|C5|C6|C7|C8|C9<—| C2|C3|C4|C5|C6|C7|C8|C9<—|
———- ——————— | —————————- — |
| | | |
| | | |
Key—>Enc |C10 Key—>Enc |C10
| | | |
| | | |
Get the leftmost byte | Get the leftmost byte |
| | | | |
| | |
P10—>XOR——————>C10 C10—>XOR———– —–)—>P10
|______________|
Encryption process Decryption process
In the above two figures, C2, C3 and P10 are all one byte (8-bit) data, so real-time encryption and decryption of characters can be achieved without having to wait until all 8 bytes are received before decrypting. The picture shows the encryption and decryption process of the 10th byte data. In this process, 8 bytes of data (C2 to C9) are first taken from the shift register and encrypted with the key, and then the last encrypted data is taken. The left byte is XORed with the input plaintext P10, and the resulting value is used as the output ciphertext C10, and C10 is sent to the shift register.
It should be noted that if there is an error in one byte of ciphertext during transmission (even one of them), then the 8 bytes of data decrypted during its appearance in the shift register will not be correct. Of course, after these 8 bytes have passed, the correct decryption result can still be obtained. However, one bit error affects the correct result of 8 bytes (64 bits), resulting in poor robustness, so the following encryption mode OFB was proposed.
[Output feedback mode]
The output feedback mode OFB is almost the same as CFB, except that the input data of the register is slightly different, as shown below:
S2|S3|S4|S5|S6|S7|S8|S9<- —| S2|S3|S4|S5|S6|S7|S8|S9<——|
———————– ——– | ———————————- |
| | | | |
| | |
Key —>Enc |S10 Key—>Enc |S10
| | | |
| | | |
Get the leftmost byte | Get the leftmost byte ||
______________| |_____________ |
|
XOR—————->C10 C10—>XOR——————->P10
encryption process decryption It can be seen from the process
that this method does not use ciphertext as encrypted data, so it overcomes the situation where 64 related bits fail to decrypt due to a single bit during the transmission process. In this mode, if one bit is wrong, Then it will only affect one bit corresponding to itself, but not others. However, compared with other modes, this encryption mode is relatively insecure because of the small correlation between data. Therefore, the application of OFB mode is generally not recommended unless it is specifically needed.