Chapter 3 Cryptography 41
Cryptography Overview
would slow down the encryption and decryption operations. In addition, if
the 20-round version of RC6 is accepted as submitted to the AES, a round
count other than 20 rounds might not be AES.
AESThe National Institute of Standards and Technology (NIST) selected an alogorithm
(Rijndael) as the replacement for the Data Encryption Standard (DES) in its Advanced
Encryption Standard project. Crypto-C includes basic AES support.
Modes of OperationWhen you use a block cipher to encrypt a message of arbitrary length, you can also
choose a mode of operation.
Modes of operation can use techniques such as feedback or chaining to make identical
plaintext blocks encrypt to different ciphertext blocks. Modes are designed so that
they do not weaken the security of the underlying cipher, but they may have
properties in addition to those inherent in the basic cipher.
Most of the modes of operation in Crypto-C are feedback modes. Feedback modes use
the previous block of output to alter the current block of input before encrypting. In
this way, encrypting the same block of plaintext twice will virtually never produce the
same ciphertext.
A feedback algorithm requires an initialization vector, or IV, to alter the first block. The
IV has no cryptographic significance. It is used to alter the first block of data before
any encryption takes place; therefore, it does not need to be secret. It should be
random, though, so that the first block of encrypted data is not predictable. In order to
start the decryption process, it is necessary to use the IV that was employed in the
encryption process.
Four Modes
Crypto-C offers the following four block cipher modes:
•Electronic Codebook (ECB) mode
•Cipher Block Chaining (CBC) mode
•Cipher Feedback (CFB) mode
•Output Feedback (OFB) mode
A brief description of these modes follows. Most cryptography texts, such as Bruce
Schneier’s Applied Cryptography [15], provide full descriptions of the various modes.