CBC algorithm

Introduction:

The CBC algorithm stands for the Cipher Block Chaining algorithm. It is a type of algorithm used in block cipher mode of operation. It generally uses a block cipher to provide information security aspects, such as security, confidentiality, authenticity, et cetera. A block cipher is usually used to encrypt a single unit of data, called bits or block. It is used for a secured cryptographic transformation, which is either encryption or decryption of a single block. CBC algorithm enables cipher’s single-block algorithm to be securely applied to large blocks of data on a loop so that the larger block gets divided into smaller blocks, and each block gets transformed cryptographically on an individual level. (Johnson & Baker (2019). The transformed blocks are then joined back to form the larger block of data.

CBC was developed in 1976 by Ehrsam, Meyer, Tuchman, and Smith in 1976. Since its invention, CBC has been the most common mode of encryption when it comes to Cipher block chaining algorithms. Apart from its advantages, one of the main disadvantages of CBC is that the encryption is sequential. This means that the sequence is not parallelized. This causes messages to be linked to a multiple of the cipher block’s total size. This can be eliminated using a process called Cipher Text Stealing. Another major disadvantage of CBC is that slight change in the initialization vector or plaintext affects all the ciphertext blocks. (Astuti, et al. (2019).

Example:

Figure 1

DES

What is DES?

DES or Data Encryption Standard is a symmetric key algorithm, usually used to secure digital data present. Often, its crucial short length is a subject of criticism, as it offers very little security for modern applications. However, it has very influential in the development of advanced cryptography techniques. (Pachghare (2019).

Simplified DES or SDES was designed for educational purposes by IBM in the 1970s. SDES had similar properties very much like that of a standard DES but was simplified further so that it could be studied, and other block ciphers and cryptanalytic studies could be conducted with their help (Giles et al. (2019). More than one DES block can be connected to form a long chain of blocks, each having its own set of encryption and decryption. One of the most common examples of this is the 3DES block.

Given problem:

For the given problem, it is stated that to build a hardware device to do block encryption in the cipher block chaining (CBC) mode using an algorithm stronger than DES. 3DES is the right candidate. Figure2 shows two possibilities, both of which follow the definition of CBC.

Which of the two would be preferable for (with reasons):

• For security?
• For performance?

Figure 2

Solution:

For security:

The “single loop compact” approach in figure 2 gives a scope of more security because the EDE block contains the encryption function given below:

C = E k1[D k2[Ek1[P]]]

It is challenging for cryptanalysis without simplifications (like differential attack) more difficult as compared to doing it on a simple loop with encryption and decryption.  This is because each loop present in the second diagram looks like a simple DES that could be attacked separately in a chosen-plaintext attack (also known as a differential attack).

A differential attack (or a plaintext attack) is a type of cryptanalysis attack where the attacker has ciphertexts and some plain texts as per their choice. Now, the method uses the pairs related by a constant called difference. The attacker computes this difference in the hopes of detecting a statistical pattern in their distribution. As evident, a simple DES present will make the process much more comfortable, since the difference would be easy to calculate, as well as for the fact that there are very fewer pairs in the original, to begin with. (Courtois (2016).

Further, a single loop (also called one-time pad encryption) is generally challenging to break, even by infinite computational power, because it is mathematically impossible.

For Performance:

From a performance perspective, the most plausible approach is the second three-simple approach. This is because each block which is present in the loop contains its own set of encryptions and decryptions. (Patil, et al. (2016). This, in turn, makes it more effective, and speeds up the process, as compared to the first one where a single overall unit of encryption and decryption is functioning.  But, as discussed earlier, it is more vulnerable to differential attack as compared to a single loop DES. (Usman, et al. (2018).3DES generally breaks the user-defined 192-bit keys into further smaller subkeys, which are 64 bits long. The procedure of encryption is similar to that of a single DES, but the process is usually repeated three times (hence the name). The data is encrypted using the first key, followed by the second, and then followed by the final third key.

As compared to single DES, triple DES has three discrete 56-bit keys, namely 168, 112, or 56-bit key. It is tough to break with current technology. Also, it is effortless to implement and accelerate 3DES on hardware as compared to single DES. That is why 3DES is present everywhere nowadays, as every significant system, library, systems, support, protocols, et cetera include support for it. This type of encryption is also straightforward to modify, as individual blocks can be edited out separately, without affecting the other two blocks or the overall sequence of the algorithm.

Conclusion:

Both the DES discussed above have their own set of advantages and disadvantages. Each one of them has its field of usage and hence depends on both the situation and requirement that decide which one of them would be used in which cases. For security purposes, it is preferable to use a single DES algorithm. But when it comes to performance, 3DES should be considered.  Whatever the choice might be, the DES algorithm remains one of the most commonly used, easy to read digital algorithms used in modern cryptographic applications.

References:

Astuti, N. R. D. P., Arfiani, I., & Aribowo, E. (2019, November). Analysis of the security level of modified CBC algorithm cryptography using avalanche effect. In IOP Conference Series: Materials Science and Engineering (Vol. 674, No. 1, p. 012056). IOP Publishing.

Courtois, N. T. (2016). An improved differential attack on full GOST. In The new codebreakers (pp. 282-303). Springer, Berlin, Heidelberg.

Giles, M. B., Hefter, M., Mayer, L., & Ritter, K. (2019). An Adaptive Random Bit Multilevel Algorithm for SDEs. arXiv preprint arXiv:1902.09984.

Johnson, S., & Baker, B. (2019). A CBC algorithm combined with immature platelet fraction is able to identify JAK2 V617F mutation‐positive polycythaemia vera patients. International journal of laboratory hematology, 41(2), 271-276.

Pachghare, V. K. (2019). Cryptography and information security. PHI Learning Pvt. Ltd.

Patil, P., Narayankar, P., Narayan, D. G., & Meena, S. M. (2016). A comprehensive evaluation of cryptographic algorithms: DES, 3DES, AES, RSA and Blowfish. Procedia Computer Science, 78(1), 617-624.

Usman, K., Richard, A. T., Moses, A. D., & Pius, U. T. (2018). A Novel Approach to Enhance the Security of Keys Shared by Users in WLAN Environments Using 3DES Algorithm. International Journal of Advanced Studies in Computers, Science and Engineering, 7(2), 1-7.