PDA

View Full Version : Encryption modes


stealthFIGHTER
August 29th, 2002, 01:52
Hello all,

can somebody explain me when (or which of them) encryption modes are used? (ECB, CBC, OFB, CFB, OFBC).

I saw this encryption modes in some kind of cryptos (IDEA, Blowfish...). Please if can somebody provide short! description of these enc. modes, it would be cool .

Thanks,
sF

DakienDX
August 29th, 2002, 08:58
Hello stealthFIGHTER !

I'll try to explain what I know about them.
ECB: Basic encryption mode for block-ciphers. The encrypted block is just stored as it is. You can start decryption anywhere in the encrypted data (of course on a block-size boundary). Same input data results in same output data. You can insert/delete blocks without affecting any other blocks.
CBC: All blocks are chained together. You Xor the original data with a random value (must be present for decryption), encrypt it and take the encrypted block as random value for the next encryption. This way blocks with same data look different. If you delete/insert a block, you'll be unable to decrypt the next block.
CFB: Block-ciphers can only work with blocks. So if you want to encrypt some data smaller than the block (for example one byte), you've a problem. So you take a random value again (needed for decryption), encrypt it, Xor the data with the leftmost byte of the encrypted random data, Shl the random value by one byte and put the Xored byte at the rightmost position (this is the encrytped byte). You can see that no decryption routine is used here. The byte is decrypted by Xoring it back with the leftmost byte of the random value. If you insert or delete a byte, all data after that byte cannot be decrypted any more.
OFB: Similar to CFB, but I can't tell you exactly how it's done, since I didn't understand it correctly. It uses the original random value somehow for encryption every time, not the encrypted. It is said to be unsecure if you don't use it on the whole blocksize instead of just one byte, which makes CBC possible again.
OFBC: Sorry, but I've never heard of that.

cyberheg
August 29th, 2002, 10:03
It's amazing what a search on google can do, some people here could learn of that.

Here is a more detailed discription on some of the modes:

http://home.ecn.ab.ca/~jsavard/crypto/co0409.htm

Don't forget to also lookup CTR mode which you didn't mention yourself. This is a very popular mode for AES and personally I think AES-CTR would be a good replacement for a stream cipher like RC4.

// CyberHeg

DakienDX
August 29th, 2002, 13:30
Quote:
Originally posted by cyberheg
It's amazing what a search on google can do, some people here could learn of that.
Hello cyberheg !

I'm really impressed how much this document informs about the OFB mode. If I start counting the letters it will probably have about 20% more letters and about 20% less information than I wrote.

I also find it very interesting how the OFBC mode works. It is described there in exactly zero letters. And not a single mention of CTR on the whole domain.

And it is extremly easy to understand the Base26 number system they use all over the place there. I find it much better than any stupid hex/binaray examples or even a bit of explanation.

stealthFIGHTER
August 29th, 2002, 20:13
Cool DakienDX ,

this is exactly what I want to see. Again thank you.


Quote:
Originally posted by cyberheg
It's amazing what a search on google can do, some people here could learn of that.
// CyberHeg


Hello CyberHeg,

of course, I did a search on google and I'm sure there is more info. about enc. modes than DakienDX wrote, but I don't need it (as I wrote 'short! description' will do) so detailed.

Anyway thank you too for the link.

Best regards,
stealthFIGHTER

cyberheg
August 29th, 2002, 21:32
I'm sorry DakienDX if you don't find the document useful. I could say the same thing from my point of view about your post but I leave it to the reader and their opinions.
However I like personally reading facts from books and documents rather then just believe in everything written on a messageboard (no this is not a offense).

As for CTR mode again it's easy to find the needed information with a websearch.
Here is a doc on AES-CTR:

http://csrc.nist.gov/encryption/modes/proposedmodes/ctr/ctr-spec.pdf

// CyberHeg

DakienDX
August 29th, 2002, 21:47
Hello cyberheg !

This wasn't meant offensive from my point of view, just ironic.

It was just the document you linked to. You wrote "some people here could learn of that" and posted a document not telling any more than I wrote already.

And the Base26 number system in the examples made the whole thing completely confusing.

Of course I didn't invent those cipher modes, I read about them also, not when posting, but some time ago. I know how ECB, CBC and CFB work and I know that I haven't understood OFB when reading it.

Entering "ECB CBC CFB OFB" into Google gave me 14000 results, adding "OFBC" gave me 0 results. So I was quite sure I was not the only person who never heard about it.

So I decided to be a bit ironic.

mike
August 30th, 2002, 03:51
You can also check out my favorite reference, Applied Crypto:
http://www.unixqi.com/crypto

DakienDX
August 30th, 2002, 07:38
Hi mike !

Thank you for the link. I know that page.
Well, I actually didn't know that page until you posted it here, but I have the same page as .CHM file.

Strange, the webpage doesn't contain a "Brought to you by tE!//TMG" string after the Preface.

Bengaly
August 30th, 2002, 23:30
this book as said by Bruce Schneier him self in his newest book "trues & lies" (something like that) that it is complete crap book (delicated words -> useless nowdays) ;D
dont complain to me, complain to bruce

mike
August 30th, 2002, 23:46
No, 'Secrets & Lies' says that he was wrong about the idea that crypto can, by itself, provide security. Applied Crypto is still a great crypto reference.

DakienDX: does the .CHM have the full-size pics in it? Or is it like this one, where all the image links are bad...?

Bengaly
August 30th, 2002, 23:49
ahh yes "Secrets & Lies" i remember now i took it from uni, scanned it a bit and saw it was a boring book with nothing new
than i went on scanning William Stalling's book which is really cool [ i got +- 30-60 pages scanned in jpg no html/txt ]

DakienDX
August 31st, 2002, 09:53
Hi mike !

The .CHM file contains the images and the links work too, but they aren't any better.

I've found an online copy of the book where the links work fine, but the linked pictures are only resized versions of the old ones. You still don't see more, maybe even less.

You can't expect much if you're looking at an 8kb tumbnail and get redirected to a 12kb "full" picture.

I don't know if the big pictures are around anywhere.

stealthFIGHTER
August 31st, 2002, 16:59
Hello DakienDX,

you say a .CHM file? Is it the same book (but converted) that can be found on CrackZ's site? (html file format, include pictures)

Thanks,
sF

Bengaly
August 31st, 2002, 17:12
yeah same book in .chm format made by tE!/TMG
i also got it if someone need it...(somewher on cd)

DakienDX
August 31st, 2002, 17:51
Hello stealthFIGHTER !

I don't know where I got it from, but I think it was from tE!'s website when it was still online.

Where on CrackZ site can I find it? There's nothing of that size on the page.

esther
August 31st, 2002, 18:11
Hi all,
There is only applied crypto in CrackZ site.
check out this link hxxp://www.woodmann.net/crackz/Keygens.htm#crypto

DakienDX
August 31st, 2002, 18:20
Hi esther !

Thank you for the link. I though it was on CrackZ site directly, but this is only a link to some other page. At least I found out that "Dokz" was the right section to look in.

Yes, it's the same file as the .CHM I have.

The page was really slow for me. You'll will find a faster source by looking for "appliedcrypto.zip" with Google. (I found this file when looking for the "big" pictures missing in mike's link some days ago)

esther
August 31st, 2002, 18:42

stealthFIGHTER
August 31st, 2002, 20:14
Quote:
Originally posted by DakienDX
I though it was on CrackZ site directly, but this is only a link to some other page.

Hi DakienDX,

Quote from CrackZ's:
Quote:

...An edited and much smaller HTML version of this book is available here (thanks go to Bicho for this link).

And the word 'here' links to file f*p://ftp.zedz.com/pub/crypto/incoming/acrypto.zip so... .

Regards,
stealthFIGHTER

JMI
August 31st, 2002, 20:31
DakienDX:

Attention, Attention !!

Function.php file configuration error. stealthFIGHTER has exposed a slight defect if the system to prevent clickable URL's, outside the Forum, unless, of course, they were never intended to block FTP sites. Otherwise, some further editing appears to be required. If, and when, it is done, I would appreciate getting a copy of how you do it, although it would appear, from what you previously provided that a similar format line would do the trick, but I'm less than a php newbie.

I keep hoping that giving your solution to Aaron at exetools forum isn't the reason we can't reach the site any more. I know I only cut and pasted and didn't try to recreate it on my one.

Regards.

DakienDX
September 1st, 2002, 09:51
Hello stealthFIGHTER !

Will you tell me that the FTP file is on CrackZ page directly?

The file is edited and much smaller and has the same contents as the other link, expect this one contains only the text and not the links from the page it was teleported from. It looks exactly like the online copy at mike's link.

The only thing which started this discussion was "Is it the same book (but converted) that can be found on CrackZ's site" and I looked at my CrackZ copy and didn't find it as ZIP file. So I was a bit confused.

DakienDX
September 1st, 2002, 09:55
Hello JMI !

No, no function.php configuration error.

Woodmann upgraded the board and overwrote my changes, so the URL handling system isn't online any more.

But I'm fixing it soon. It should be back online sometime today.

stealthFIGHTER
September 1st, 2002, 14:52
Quote:
Originally posted by DakienDX
Hello stealthFIGHTER !

Will you tell me that the FTP file is on CrackZ page directly?

The file is edited and much smaller and has the same contents as the other link, expect this one contains only the text and not the links from the page it was teleported from. It looks exactly like the online copy at mike's link.

The only thing which started this discussion was "Is it the same book (but converted) that can be found on CrackZ's site" and I looked at my CrackZ copy and didn't find it as ZIP file. So I was a bit confused.

Oh,

my mistake, sorry