Question

Why is the Cipher Block Chaining (CBC) mode of operation considered preferable to the Electronic Code Book (ECB) mode? Is it possible to perform encryption operations in parallel on multiple blocks of plaintext in the CBC mode? How about decryption?

Answer 1

Cipher block chaining (CBC):

---> Ehrsam, Meyer, Smith and Tuchman invented the cipher block chaining (CBC) mode of operation in 1976.

---> In CBC mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted.

---> This way, each ciphertext block depends on all plaintext blocks processed up to that point. To make each message unique, an initialization vector must be used in the first block.

---> Cipher block chaining or CBC is an advancement made on ECB since ECB compromises some security requirements.

---> In CBC, previous cipher block is given as input to next encryption algorithm after XOR with original plaintext block.

---> In a nutshell here, a cipher block is produced by encrypting a XOR output of previous cipher block and present plaintext block.

Advantages of CBC:

* CBC works well for input greater than b bits.

* CBC is a good authentication mechanism.

* Better resistive nature towards cryptanalsis than ECB.

Disadvantages of CBC –

* Parallel encryption is not possible since every encryption requires previous cipher.

Electronic codebook (ECB):

---> The simplest of the encryption modes is the electronic codebook (ECB) mode (named after conventional physical codebooks

---> It is easier because of direct encryption of each block of input plaintext and output is in form of blocks of encrypted ciphertext.

---> Generally, if a message is larger than b bits in size, it can be broken down into bunch of blocks and the procedure is repeated.

---> The message is divided into blocks, and each block is encrypted separately.

Advantages of using ECB:

* Parallel encryption of blocks of bits is possible, thus it is a faster way of encryption.

* Simple way of block cipher.

Disadvantages of using ECB:

* Prone to cryptanalysis since there is a direct relationship between plaintext and ciphertext.

---> ECB (electronic code book) is basically raw cipher. For each block of input, you encrypt the block and get some output. The problem with this transform is that any resident properties of the plaintext might well show up in the ciphertext – possibly not as clearly – that's what blocks and key schedules are supposed to protect againt, but analyzing the patterns you may be able to deduce properties that you otherwise thought were hidden.

---> CBC mode is short for cipher block chaining. You have an initialization vector which you XOR the first block of plaintext against. You then encrypt that block of plaintext. The next block of plaintext is xor'd against the last encrypted block before you encrypt this block.

The advantages of CBC over ECB are many

---> with ECB, assuming many things, you could manage a partial decryption and easily fill in the blanks, for example if extracting data from an encrypted hard disk.

---> With CBC, if you are missing a few blocks in the sequence encryption becomes impossible.

---> However, there is one downside to CBC – ECB naturally supports operation in parallel since each block can be encrypted independently of the next.

---> However, with CBC this is harder, since you have to wait on each block. (You can still parallelize decryption, though.)

Is it possible to perform encryption operations in parallel on multiple blocks of plaintext in CBC mode? How about decryption?

---> No. For example, suppose C1 is corrupted. The output block P3 depends only on the input blocks C2 and C3.

---> In CBC encryption, the input block to each forward cipher operation (except the first) depends on the resultof the previous forward cipher operation, so the forward cipher operations cannot be performed in parallel. CBC-Pad handles plaintext of any length.