Chapter 6 BLOCK CIPHER OPERATION
Multiple Encryption and Triple DES
  Triple DES with Two Keys
  Triple DES with Three Keys
Electronic Code Book
Cipher Block Chaining Mode
Cipher Feedback Mode
Output Feedback Mode
XTS-AES Mode for Block-Oriented Storage Devices
  Storage Encryption Requirements
  Operation on a Single Block
  Operation on a Sector
◆ Multiple encryption is a technique in which an encryption algorithm is used multiple times. In the first instance, plaintext is converted to ciphertext using the encryption algorithm. This ciphertext is then used as input and the algorithm is applied again. This process may be repeated through any number of stages.
◆ Triple DES makes use of three stages of the DES algorithm, using a total of two or three distinct keys.
◆ A mode of operation is a technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream.
◆ Five modes of operation have been standardized by NIST for use with symmetric block ciphers such as DES and AES: electronic codebook mode, cipher block chaining mode, cipher feedback mode, output feedback mode, and counter mode.
◆ Another important mode, XTS-AES, has been standardized by the IEEE Security in Storage Working Group (P1619). The standard describes a method of encryption for data stored in sector-based devices where the threat model includes possible access to stored data by the adversary.
This chapter continues our discussion of symmetric ciphers. We begin with the topic of multiple encryption, looking in particular at the most widely used multiple-encryption scheme: triple DES.
The chapter next turns to the subject of block cipher modes of operation. We find that there are a number of different ways to apply a block cipher to plaintext, each with its own advantages and particular applications.