An explanation of what CBC and ECB modes are.
These modes only apply to block ciphers, as they are designed to operate on each block of output. Block ciphers encrypt plaintext in blocks of a predefined size. RC4 (which, btw, is trademarked, so you should legally implement it under the pseudo-name ARCFOUR) is a stream cipher, meaning that it encrypts each bit/byte individually "on the fly", if you will. Thus these block cipher modes do not directly apply to stream ciphers.
However, let's try a bit of creativity, to see if it is possible to stretch these concepts to apply to stream ciphers, such as RC4.
ECB (Electronic CodeBook) is just fancy terminology for saying "this input always maps to that output". That is, the output ciphertext for a given input plaintext is always the same, regardless of what ciphertext preceded it. Stream ciphers generate a keystream that is XOR'd with the plaintext bit by bit, with each bit's value reliant on its position in the keystream. In a block cipher in ECB mode, the same input block maps to the same output block every single time, regardless of its location. In a stream cipher, by definition, the same plaintext in different locations will be encrypted differently, because a stream cipher generates keystream values that depend on the position of the plaintext. Thus, one could argue that it is impossible to relate ECB to stream ciphers, based on the very principle that stream ciphers rely on.
Now consider CBC (Cipher Block Chaining) mode. In CBC mode, each block of input plaintext is first XOR'd with the previous output block of ciphertext before being encrypted. Thus, the plaintext for block, say, 5 is XOR'd with the output ciphertext of block 4, and the result is then encrypted. This idea works for a stream cipher; consider the following:
A stream cipher generates what is called a "keystream" of values, each of which is used once to encrypt one value of the plaintext, meaning that there are as many keystream values generated as there are plaintext values. As each byte of the keystream is generated, it is XOR'd with the corresponding byte in the plaintext.
So, to apply CBC mode to a stream cipher, you first XOR the plaintext byte with the output ciphertext byte that preceded it, then XOR it with the keystream byte. Or you could do it in blocks, and XOR a block of plaintext with the similarly-sized block of ciphertext produced from the plaintext block just before it.
Although there is no inherent need to apply CBC mode to RC4, it is possible to do, and you lose nothing by doing it.
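The byte-wise chaining described above, as an added example that is not part of the original post, using a constructed key and message. The `iv` parameter for the first byte is an assumption (the post does not say what precedes the first ciphertext byte); the last function shows that the chaining can be undone without the key, because the value chained in is the ciphertext itself.

```python
def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 (ARCFOUR) keystream for the given key."""
    S = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                         # keystream generation
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)

def plain_encrypt(key: bytes, pt: bytes) -> bytes:
    """Ordinary stream cipher: c[i] = p[i] ^ k[i]."""
    return bytes(p ^ k for p, k in zip(pt, rc4_keystream(key, len(pt))))

def chained_encrypt(key: bytes, pt: bytes, iv: int = 0) -> bytes:
    """Chained variant from the post: c[i] = p[i] ^ c[i-1] ^ k[i]."""
    out, prev = bytearray(), iv                # iv: assumed value for c[-1]
    for p, k in zip(pt, rc4_keystream(key, len(pt))):
        prev = p ^ prev ^ k
        out.append(prev)
    return bytes(out)

def chained_decrypt(key: bytes, ct: bytes, iv: int = 0) -> bytes:
    """Inverse of chained_encrypt: p[i] = c[i] ^ c[i-1] ^ k[i]."""
    out, prev = bytearray(), iv
    for c, k in zip(ct, rc4_keystream(key, len(ct))):
        out.append(c ^ prev ^ k)
        prev = c
    return bytes(out)

def strip_chaining(ct: bytes, iv: int = 0) -> bytes:
    """Undo the chaining with no key: c[i] ^ c[i-1] == p[i] ^ k[i]."""
    return bytes(c ^ p for c, p in zip(ct, bytes([iv]) + ct[:-1]))

if __name__ == "__main__":
    key, msg = b"Key", b"Plaintext"            # constructed sample input
    ct = chained_encrypt(key, msg)
    print("chained :", ct.hex())
    print("stripped:", strip_chaining(ct).hex())
    print("plain   :", plain_encrypt(key, msg).hex())
    print("decrypt :", chained_decrypt(key, ct))
```

Because `strip_chaining` reproduces the plain RC4 ciphertext from public data alone, the chained construction offers the same confidentiality as unchained RC4, including the same exposure if a keystream is ever reused.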
Friday, March 20, 2009