AES modes of operation: ECB, CBC, CFB and OFB, with a worked exercise

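The Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. It is one of the classic symmetric encryption algorithms. It is a block cipher standard: each block is 128 bits, and the permitted key lengths are 128, 192 and 256 bits. Only four modes of operation are covered here: ECB, CBC, CFB and OFB.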

ECB (Electronic Code Book Mode)

Block cipher modes exist because a block cipher can only process fixed-length data. AES, for example, processes 128 bits at a time, so the plaintext is divided into 128-bit blocks and each block is encrypted separately. This is ECB mode. It has obvious weaknesses and is no longer used.

ECB is the simplest mode. Its serious problem is that the same plaintext block always produces the same ciphertext block: every block is encrypted the same way with the same key, so identical plaintext blocks give identical ciphertext blocks.

So we need a mode that at least satisfies:

  1. Identical plaintext blocks encrypt to different ciphertext blocks.
  2. A small change in the plaintext causes a large change in the ciphertext.

CBC mode (Cipher Block Chaining mode)

The CBC mode was invented by IBM in 1976. In the CBC mode, each plaintext block is XORed with the previous ciphertext block before being encrypted. In this method, each ciphertext block depends on all ciphertext blocks before it. At the same time, in order to ensure the uniqueness of each message, an initialization vector needs to be used in the first block.

The encryption and decryption process is as follows:
[Figure: CBC encryption and decryption diagrams]

The initialization vector (IV) is introduced because there is no "previous ciphertext" for the first plaintext block. Generally, a random value is generated as the IV for each encryption.

CFB mode (Cipher Feedback mode)

CFB is also known as cipher feedback mode. The previous ciphertext block is fed into the input of the cipher, and the output is XORed with the plaintext. Unlike ECB and CBC, which can only encrypt whole blocks, CFB turns a block cipher into a stream cipher.

The encryption and decryption process is as follows:
[Figure: CFB encryption and decryption diagrams]

OFB mode (output feedback mode)

OFB is also called output feedback mode. The output of the cipher for the previous block is fed in as the input of the cipher for the next block. The block cipher is first used to generate a key stream, and the key stream is then XORed with the plaintext stream to get the ciphertext stream. Decryption likewise first generates the key stream with the block cipher and then XORs it with the ciphertext stream to recover the plaintext. Because XOR is symmetric, encryption and decryption are exactly the same process.

The effect of changing one plaintext block in the four modes

  • ECB: only the current block is affected, but identical plaintext blocks produce identical ciphertext blocks. This property is sometimes a serious security weakness
  • CBC: the current block and subsequent blocks are affected; can be used as an authentication code
  • OFB: only the current block is affected; can be used in satellite communication
  • CFB: the current block and subsequent blocks are affected; can be used as an authentication code
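
Added example (not from the original post): the four modes written generically over a list of blocks, using the exercise's toy cipher E_k(z) = z ⊕ k and constructed sample blocks, to check the ECB repetition weakness and the change-propagation list above. The helper names changed_blocks and repeated_pairs are illustrative; because the toy cipher is plain XOR, CBC and CFB produce identical ciphertext here, which a real block cipher such as AES would not.

```python
K = 0b100110  # key K from the page's exercise

def E(z):
    """The page's toy cipher E_k(z) = z XOR k on 6-bit blocks (not AES)."""
    return z ^ K

def ecb(blocks, iv=None):          # iv is unused; kept for a uniform signature
    return [E(x) for x in blocks]

def cbc(blocks, iv):
    out, prev = [], iv
    for x in blocks:
        prev = E(x ^ prev)         # XOR with previous ciphertext, then encrypt
        out.append(prev)
    return out

def cfb(blocks, iv):
    out, prev = [], iv
    for x in blocks:
        prev = x ^ E(prev)         # encrypt previous ciphertext, XOR with plaintext
        out.append(prev)
    return out

def ofb(blocks, iv):
    out, o = [], iv
    for x in blocks:
        o = E(o)                   # keystream depends only on IV and key
        out.append(x ^ o)
    return out

MODES = {"ECB": ecb, "CBC": cbc, "CFB": cfb, "OFB": ofb}

def changed_blocks(mode, blocks, iv, index, new_value):
    """0-based ciphertext positions that differ after replacing blocks[index]."""
    modified = list(blocks)
    modified[index] = new_value
    before, after = MODES[mode](blocks, iv), MODES[mode](modified, iv)
    return [i for i, (a, b) in enumerate(zip(before, after)) if a != b]

def repeated_pairs(ct):
    """Index pairs of equal ciphertext blocks (the pattern ECB leaks)."""
    return [(i, j) for i in range(len(ct)) for j in range(i + 1, len(ct)) if ct[i] == ct[j]]

if __name__ == "__main__":
    msg, iv = [21, 21, 41, 7], 35   # constructed sample; blocks 0 and 1 are equal
    for name, fn in MODES.items():
        ct = fn(msg, iv)
        print(name, ct, "repeats:", repeated_pairs(ct),
              "changed by editing block 1:", changed_blocks(name, msg, iv, 1, 42))
```

Applying ofb twice with the same IV returns the original blocks, which matches the statement that OFB encryption and decryption are the same operation.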

Homework exercise

Take n as the last two digits of your student number and m as the last two digits of your year of birth (use 99 if born in 2000 or later).

x1 = n mod 64,
x2 = (n + 20) mod 64,
x3 = (n + 40) mod 64,

Initial vector IV = m mod 64,
K = (1 0 0 1 1 0), Ek(z) = z ⊕ k

Find y1, y2, y3 in each of the four modes.

The Python version is as follows:

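# The four functions below read the globals x1, x2, x3, iv and key,
# which are set further down before the functions are called.

# ECB mode: each block is encrypted independently
def ecb_enc():
    return x1^key, x2^key, x3^key


# CBC mode: XOR with the previous ciphertext (IV for the first block), then encrypt
def cbc_enc():
    return (iv^x1)^key, (((iv^x1)^key)^x2)^key, (((((iv^x1)^key)^x2)^key)^x3)^key


# OFB mode: repeatedly encrypt the IV to get the key stream, then XOR with the plaintext
def ofb_enc():
    return x1^(iv^key), x2^((iv^key)^key), x3^(((iv^key)^key)^key)


# CFB mode: encrypt the previous ciphertext (IV for the first block), then XOR with the plaintext
def cfb_enc():
    return x1^(iv^key), x2^(x1^(iv^key)^key), x3^(x2^(x1^(iv^key)^key)^key)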

# Read n, the last two digits of the student number, and m, the last two
# digits of the year of birth (use 99 if born in 2000 or later).
print('请输入学号后两位数字 n:')
n = int(input())
print('请输入出生年份后两位数字 m:')
m = int(input())

x1, x2, x3 =  n % 64, (n + 20) % 64, (n + 40) % 64
iv = m % 64
k = '100110'

key = int(k,2)
print('x1={}, x2={}, x3={}'.format(x1,x2,x3))
# The same values in binary
print('转为二进制后: x1={}, x2={}, x3={}'.format(bin(x1),bin(x2),bin(x3)))

# ECB mode
ecb_y1, ecb_y2, ecb_y3 = ecb_enc()
print('ECB模式下: y1={}, y2={}, y3={}, 二进制: y1={}, y2={}, y3={}'.format(ecb_y1, ecb_y2, ecb_y3, bin(ecb_y1), bin(ecb_y2), bin(ecb_y3)))

# CBC mode
cbc_y1, cbc_y2, cbc_y3 = cbc_enc()
print('CBC模式下: y1={}, y2={}, y3={}, 二进制: y1={}, y2={}, y3={}'.format(cbc_y1, cbc_y2, cbc_y3, bin(cbc_y1), bin(cbc_y2), bin(cbc_y3)))

# OFB mode
ofb_y1, ofb_y2, ofb_y3 = ofb_enc()
print('OFB模式下: y1={}, y2={}, y3={}, 二进制: y1={}, y2={}, y3={}'.format(ofb_y1, ofb_y2, ofb_y3, bin(ofb_y1), bin(ofb_y2), bin(ofb_y3)))

# CFB mode
cfb_y1, cfb_y2, cfb_y3 = cfb_enc()
print('CFB模式下: y1={}, y2={}, y3={}, 二进制: y1={}, y2={}, y3={}'.format(cfb_y1, cfb_y2, cfb_y3, bin(cfb_y1), bin(cfb_y2), bin(cfb_y3)))

The results are as follows:
[Figure: screenshot of the program output]


Origin blog.csdn.net/Pioo_/article/details/110878905