[Figure: message blocks of 64 bits each (M4 is 46 bits plus pad), each passed through ENC to give C1, C2, C3, C4]
ECB Problem #1
[Figure: ECB. M1, M2, M3 (64 bits each) and M4 (46 bits plus pad) each passed through ENC to give C1, C2, C3, C4]
ECB Problem #2
Lacks basic protection against integrity attacks on the ciphertext at the message level (i.e., across multiple cipher blocks)
Without additional integrity protection
attacks
fabrication of specific information
[Figure: C1; message blocks M2 (64 bits), M3 (64 bits), M4 (46 bits plus pad); three ENC boxes; outputs C2, C3, C4]
CBC Decryption
[Figure: CBC decryption. IV and ciphertext blocks C1 to C4, four DEC boxes, outputs M1 to M4]
CBC Vulnerabilities
Loss of block-boundary synchronization garbles the rest of the stream
An attacker can create a desired change in decrypted block Pn by sacrificing block Pn-1
[Figure: ciphertext blocks Cn-1 and Cn, two DEC boxes, plaintext blocks Pn-1 and Pn]
[Figure: IV and key k; three ENC boxes; message units M1, M2, M3 of K bits each; outputs C1, C2, C3]
CFB General
CFB Properties
advance.
[Figure: IV; four ENC boxes; message blocks M1 to M4; ciphertext blocks C1 to C4]
OFB Properties
Advantages
Allows pre-computing of the pseudo-random stream
[Figure: counter values IV+1, IV+2, IV+3; ENC boxes; message blocks M1 to M4; ciphertext blocks C1 to C4]
If
C1 XOR C1 = m1 XOR m1
Generating MICs
Stream ciphers don't work
CBC: Only send last block of CBC (CBC residue)
Send plaintext
Encryption + Integrity?
[Figure: C1; message blocks M2 (64 bits), M3 (64 bits), M4 (46 bits plus pad); three ENC boxes; outputs C2, C3, C4; residue]
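The CBC weakness listed earlier (a chosen change in Pn at the cost of Pn-1) and the CBC-residue MIC, shown together as an added example that is not from the original slides. Assumptions: a toy 64-bit Feistel cipher built on SHA-256 stands in for ENC/DEC, the residue is computed under a second, independent key, and the keys, zero IV and sample message are constructed.

```python
import hashlib

BLOCK = 8  # 64-bit blocks, as on the slides

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, i, half):
    # Toy Feistel round function built on SHA-256 (assumption, illustration only)
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def enc_block(key, blk):
    l, r = blk[:4], blk[4:]
    for i in range(4):
        l, r = r, xor(l, _f(key, i, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:4], blk[4:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(key, i, l)), l
    return l + r

def cbc_encrypt(key, iv, pt):
    prev, out = iv, b""
    for i in range(0, len(pt), BLOCK):
        prev = enc_block(key, xor(pt[i:i + BLOCK], prev))
        out += prev
    return out

def cbc_decrypt(key, iv, ct):
    prev, out = iv, b""
    for i in range(0, len(ct), BLOCK):
        out += xor(dec_block(key, ct[i:i + BLOCK]), prev)
        prev = ct[i:i + BLOCK]
    return out

def residue(mac_key, pt):
    # CBC residue: last block of a CBC pass under a separate key, zero IV
    return cbc_encrypt(mac_key, bytes(BLOCK), pt)[-BLOCK:]

def tamper_demo():
    # Constructed keys and a fixed zero IV so the demo is reproducible
    ek, mk, iv = b"constructed-enc-key", b"constructed-mac-key", bytes(BLOCK)
    pt = b"HEADER__FIELD_A=00000100TRAILER_"       # constructed, 4 blocks
    ct, mic = cbc_encrypt(ek, iv, pt), residue(mk, pt)
    delta = xor(b"00000100", b"00000900")          # desired change in P3
    bad = ct[:8] + xor(ct[8:16], delta) + ct[16:]  # XOR delta into C2
    got = cbc_decrypt(ek, iv, bad)
    return pt, got, residue(mk, got) == mic        # MIC check on the result
```

`tamper_demo()` returns the original plaintext, the plaintext recovered from the modified ciphertext (P2 garbled, P3 changed by exactly `delta`, P1 and P4 intact) and whether the residue still matches.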
Triple DES
DES brute force: 2^56 search space
3DES, or EDE
Two keys: m -> E with K1 -> D with K2 -> E with K1 -> c
3DES brute force: 2^112 search space
Alternatives
3 keys: even stronger
2 DES with one key: m -> E with K1 -> E with K1 -> c
Brute force: 2^56 search space if there are known <m, c> pair(s)