09-08.html

Wiley - Applied Cryptography, Protocols, Algorthms, and Source Code in C

<P>
<B>Applied Cryptography, Second Edition: Protocols,  Algorthms, and Source Code in C (cloth)</B>
<FONT SIZE="-1">
<BR>
<I>(Publisher: John Wiley & Sons, Inc.)</I>
<BR>
Author(s): Bruce Schneier
<BR>
ISBN: 0471128457
<BR>
Publication Date: 01/01/96
</FONT>
<P>
<form name="Search" method="GET" action="http://search.earthweb.com/search97/search_redir.cgi">

<INPUT TYPE="hidden" NAME="Action" VALUE="Search">
<INPUT TYPE="hidden" NAME="SearchPage" VALUE="http://search.earthweb.com/search97/samples/forms/srchdemo.htm">
<INPUT TYPE="hidden" NAME="Collection" VALUE="ITK">
<INPUT TYPE="hidden" NAME="ResultTemplate" VALUE="itk-full.hts">
<INPUT TYPE="hidden" NAME="ViewTemplate" VALUE="view.hts">

<font face="arial, helvetica" size=2><b>Search this book:</b></font><br>
<INPUT NAME="queryText" size=50 VALUE="">&nbsp;<input type="submit" name="submitbutton" value="Go!">
<INPUT type=hidden NAME="section_on" VALUE="on">
<INPUT type=hidden NAME="section" VALUE="http://www.itknowledge.com/reference/standard/0471128457/">

</form>


<!-- Empty Reference Subhead -->

<!--ISBN=0471128457//-->
<!--TITLE=APPLIED CRYPTOGRAPHY, SECOND EDITION: Protocols, Algorithms, and Source Code in C//-->
<!--AUTHOR=Bruce Schneier//-->
<!--PUBLISHER=Wiley Computer Publishing//-->
<!--CHAPTER=09//-->
<!--PAGES=208-209//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->

<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="09-07.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="09-09.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<H3><A NAME="Heading12"></A><FONT COLOR="#000077">9.11  Choosing a Cipher Mode</FONT></H3>
<P>If simplicity and speed are your main concerns, ECB is the easiest and fastest mode to use a block cipher. It is also the weakest. Besides being vulnerable to replay attacks, an algorithm in ECB mode is the easiest to cryptanalyze. I don&#146;t recommend ECB for message encryption.
</P>
<P>For encrypting random data, such as other keys, ECB is a good mode to use. Since the data is short and random, none of the shortcomings of ECB matter for this application.</P>
<P>For normal plaintext, use CBC, CFB, or OFB. Which mode you choose depends on your specific requirements. Table 9.1 gives a summary of the security and efficiency of the various modes.</P>
<P>CBC is generally best for encrypting files. The increase in security is significant; and while there are sometimes bit errors in stored data, there are almost never synchronization errors. If your application is software-based, CBC is almost always the best choice.</P>
<CENTER><CAPTION COLSPAN="2"><B>Table 9.1<BR>Summary of Block Cipher Modes</B>
</CENTER>

<TABLE BORDER="2" BORDERCOLOR="#0000" ALIGN="CENTER">
<TR><TD>
<TABLE WIDTH="100%">
<TR>
<TD COLSPAN="2" VALIGN="TOP" ALIGN="LEFT">ECB:
<TD COLSPAN="2" VALIGN="TOP" ALIGN="LEFT">CBC:
<TR>
<TD VALIGN="TOP" WIDTH="5%" ALIGN="LEFT">
<TD WIDTH="45%" ALIGN="LEFT"><B><I>Security</I>:</B>
<TD VALIGN="TOP" WIDTH="5%" ALIGN="LEFT">
<TD WIDTH="45%" ALIGN="LEFT"><B><I>Security</I>:</B>
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Plaintext patterns are not concealed.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Plaintext patterns are concealed by XORing with previous ciphertext block.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Input to the block cipher is not randomized; it is the same as the plaintext.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43;Input to the block cipher is randomized by XORing with the previous ciphertext block.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43;More than one message can be encrypted with the same key.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; More than one message can be encrypted with the same key.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Plaintext is easy to manipulate, blocks can be removed, repeated, or interchanged.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43;/- Plaintext is somewhat difficult to manipulate; blocks can be removed from the beginning and end of the message, bits of the first block can be changed, and repetition allows some controlled changes.
<TR>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Efficiency</I>:</B>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Efficiency</I>:</B>
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Speed is the same as the block cipher.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Speed is the same as the block cipher.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">Ciphertext is up to one block longer than the plaintext, due to padding.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Ciphertext is up to one block longer than the plaintext, not counting the IV.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- No preprocessing is possible.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- No preprocessing is possible.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Processing is parallelizable.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43;/- Encryptions not parallelizable; decryption is parallelizable and has a random-access property.
<TR>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Fault-tolerance</I>:</B>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Fault-tolerance</I>:</B>
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- A ciphertext error affects one full block of plaintext.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- A ciphertext error affects one full block of plaintext and the corresponding bit in the next block.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Synchronization error  is unrecoverable.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Synchronization error is unrecoverable.
<TR>
<TD COLSPAN="4"><HR>
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">CFB:
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">OFB/Counter:
<TR>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Security</I>:</B>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Security</I>:</B>
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Plaintext patterns are concealed.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Plaintext patterns are concealed.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Input to the block cipher is randomized.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Input to the block cipher is randomized.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; More than one message can be encrypted with the same key provided that a different IV is used.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; More than one message can be encrypted with the same key, provided that a different IV is used.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43;/- Plaintext is somewhat difficult to manipulate;blocks can be removed from the beginning and end of the message, bits of the first block can be changed, and repetition allows some controlled changes.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Plaintext is very easy to manipulate, any change in ciphertext directly affects the plaintext.
<TR>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Efficiency</I>:</B>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Efficiency</I>:</B>
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Speed is the same as the block cipher.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Speed is the same as the block cipher.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Ciphertext is the same size as the plaintext, not counting the IV.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Ciphertext is the same size as the plaintext, not counting the IV.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43;/- Encryption is not parallelizable; decryption is parallelizable and has a random-access property.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; Processing is possible before the message is seen.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- Some preprocessing is possible before a block is seen; the previous ciphertext block can be encrypted.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">-/&#43; OFB processing is not parallelizable; counter processing is parallelizable.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43;/- Encryption is not parallelizable; decryption is parallelizable and has a random-access property.
<TR>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Fault-tolerance</I>:</B>
<TD WIDTH="5%" ALIGN="LEFT">
<TD VALIGN="TOP" ALIGN="LEFT"><B><I>Fault-tolerance</I>:</B>
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">- A ciphertext error affects the corresponding bit of plaintext and the next full block.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43; A ciphertext error affects only the corresponding bit of plaintext.
<TR>
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">&#43;Synchronization errors of full block sizes are recoverable. 1-bit CFB can recover from the addition or loss of single bits.
<TD VALIGN="TOP" COLSPAN="2" ALIGN="LEFT">-Synchronization error is unrecoverable.
</TABLE>
</TABLE>

<P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="09-07.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="09-09.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>

[an error occurred while processing this directive]
<!-- all of the reference materials (books) have the footer and subfoot reveresed -->
<!-- reference_subfoot = footer -->
<!-- reference_footer = subfoot -->

<!-- BEGIN SUB FOOTER -->
		<br><br>
		</TD>
    </TR>
	</TABLE>

		
	<table width="640" border=0 cellpadding=0 cellspacing=0>
		<tr>
		<td align="left" width=135><img src="/images/white.gif" width=100 height="1" alt="" border="0"></td>
		
		
<!-- END SUB FOOTER -->

<!-- all of the books have the footer and subfoot reveresed -->
<!-- reference_subfoot = footer -->
<!-- reference_footer = subfoot -->

<!-- FOOTER -->
			
		<td width="515" align="left" bgcolor="#FFFFFF">
<font face="arial, helvetica" size="1"><b><a href="/products.html"><font color="#006666">Products</font></a>&nbsp;|&nbsp; <a href="/contactus.html"><font color="#006666">Contact Us</font></a>&nbsp;|&nbsp; <a href="/aboutus.html"><font color="#006666">About Us</font></a>&nbsp;|&nbsp; <a href="http://www.earthweb.com/corporate/privacy.html" target="_blank"><font color="#006666">Privacy</font></a> &nbsp;|&nbsp; <a href="http://www.itmarketer.com/" target="_blank"><font color="#006666">Ad Info</font></a> &nbsp;|&nbsp; <a href="/"><font color="#006666">Home</font></a></b>
		<br><br>
		
		Use of this site is subject to certain <a href="/agreement.html">Terms &amp; Conditions</a>, <a href="/copyright.html">Copyright &copy; 1996-1999 EarthWeb Inc.</a><br> 
All rights reserved.  Reproduction whole or in part in any form or medium without express written permision of EarthWeb is prohibited.</font><p>
</td>
		</tr>
</table>
</BODY>
</HTML>

<!-- END FOOTER -->