In cryptography, a **block cipher** is a symmetric key cipher which operates on fixed-length groups of bits, termed *blocks*, with an unvarying transformation. When encrypting, a block cipher might take a (for example) 128-bit block of plaintext as input, and output a corresponding 128-bit block of ciphertext. The exact transformation is controlled using a second input — the secret key. Decryption is similar: the decryption algorithm takes, in this example, a 128-bit block of ciphertext together with the secret key, and yields the original 128-bit block of plaintext.
To encrypt messages longer than the block size (128 bits in the above example), a mode of operation is used.
Block ciphers can be contrasted with stream ciphers; a stream cipher operates on individual digits one at a time, and the transformation varies during the encryption. The distinction between the two types is not always clear-cut: a block cipher, when used in certain modes of operation, acts effectively as a stream cipher.
An early and highly influential block cipher design was the Data Encryption Standard (DES), developed at IBM and published as a standard in 1977. A successor to DES, the Advanced Encryption Standard (AES), was adopted in 2001.
## Generalities
A block cipher consists of two paired algorithms, one for encryption, *E*, and another for decryption, *E*^{-1}. Both algorithms accept two inputs: an input block of size *n* bits and a key of size *k* bits, yielding an *n*-bit output block. For any one fixed key, decryption is the inverse function of encryption, so that
for any block *M* and key *K*. For each key *K*, *E*_{K} is a permutation (a bijective mapping) over the set of input blocks. Each key selects one permutation from the possible set of 2^{n}!.
The block size, *n*, is typically 64 or 128 bits, although some ciphers have a variable block size. 64 bits was the most common length until the mid-1990s, when new designs began to switch to the longer 128-bit length. One of several modes of operation is generally used along with a padding scheme to allow plaintexts of arbitrary lengths to be encrypted. Each mode has different characteristics in regard to error propagation, ease of random access and vulnerability to certain types of attack. Typical key sizes (*k*) include 40, 56, 64, 80, 128, 192 and 256 bits. As of 2006, 80 bits is normally taken as the minimum key length needed to prevent brute force attacks.
### Iterated block ciphers
Most block ciphers are constructed by repeatedly applying a simpler function. This approach is known as an *iterated block cipher* (see also product cipher). Each iteration is termed a *round*, and the repeated function is termed the *round function*; anywhere from 4 to 32 rounds is typical.
Many block ciphers can be categorised as Feistel networks or as more general substitution-permutation networks. Arithmetic operations, logical operations (especially XOR), S-boxes and various permutations are all frequently used as components.
## History
Lucifer is generally considered to be the first civilian block cipher, developed at IBM in the 1970s based on work done by Horst Feistel. A revised version of the algorithm was adopted as a US government FIPS standard, the Data Encryption Standard (DES). It was chosen by the US National Bureau of Standards (NBS) after a public invitation for submissions and some internal changes by NBS (and, potentially, the NSA). DES was publicly released in 1976 and has been widely used.
DES was designed, among other things, to resist a certain cryptanalytic attack known to the NSA and rediscovered by IBM, though unknown publicly until rediscovered again and published by Eli Biham and Adi Shamir in the late 1980s. The technique is called differential cryptanalysis and remains one of the few general attacks against block ciphers; linear cryptanalysis is another, but may have been unknown even to NSA, prior to its publication by Mitsuru Matsui. DES prompted a large amount of other work and publications in cryptography and cryptanalysis in the open community and it inspired many new cipher designs.
DES has a block size of 64 bits and a key size of 56 bits. 64-bit blocks became common in block cipher designs after DES. Key length depended on several factors, including government regulation. Many observers in the 1970s commented that the 56-bit key length used for DES was too short. As time went on, its inadequacy became apparent, especially after a special-purpose machine designed to break DES was demonstrated in 1998 by the Electronic Frontier Foundation. A variant of DES, Triple DES, triple-encrypts blocks with (usually) two different keys (2TDES), resulting in 112-bit keys and 80-bit security. It was widely adopted as a replacement and is still (2004) considered secure.
DES has been superseded as a United States Federal Standard by the Advanced Encryption Standard (AES), adopted by National Institute of Standards and Technology (NIST) in 2001 after a 5-year public competition. The cipher was developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, and submitted under the name *Rijndael.* (See AES page for pronunciation.) AES has a block size of 128 bits and three possible key sizes, 128, 192 and 256 bits. The US Government permits the use of AES to protect classified information in systems approved by NSA.
## Cryptanalysis
In addition to linear and differential cryptanalysis, there is a growing catalog of attacks: truncated differential cryptanalysis, partial differential cryptanalysis, integral cryptanalysis, which encompasses square and integral attacks, slide attacks, boomerang attacks, the XSL attack, impossible differential cryptanalysis and algebraic attacks. For a new block cipher design to have any credibility, it must demonstrate evidence of security against known attacks.
## Tweakable block ciphers
M. Liskov, R. Rivest, and D. Wagner have described a generalized version of block ciphers called "tweakable" block ciphers. A tweakable block cipher accepts a second input called the *tweak* along with its usual plaintext or ciphertext input. The tweak, along with the key, selects the permutation computed by the cipher. If changing tweaks is sufficiently lightweight (compared with a usually-fairly-expensive key setup operation), then some interesting new operation modes become possible. The disk encryption theory article describes some of these modes.
## Block ciphers and other cryptographic primitives
Block ciphers can be used to build other cryptographic primitives. For these other primitives to be cryptographically secure, care has to be taken to build them the right way.
Stream ciphers can be built using block ciphers. OFB mode and CTR mode are block modes that turn a block cipher into a stream cipher.
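
An added example, not part of the original article: a toy 16-bit Feistel network (the structure named under "Iterated block ciphers") showing that each key selects an invertible permutation of the blocks, then run in CTR mode so that it acts as a stream cipher as described above. The SHA-256 round function, the 8-bit nonce and counter split, and all names are assumptions chosen for illustration; a 16-bit block offers no security.

```python
import hashlib

BLOCK_BITS = 16                      # toy block size n (real designs: 64 or 128)
HALF_BITS = BLOCK_BITS // 2
HALF_MASK = (1 << HALF_BITS) - 1
ROUNDS = 8                           # within the 4 to 32 range the article cites


def round_function(key: bytes, round_no: int, half: int) -> int:
    """Round function F (assumed design). It need not be invertible."""
    return hashlib.sha256(key + bytes([round_no, half])).digest()[0]


def encrypt_block(key: bytes, block: int) -> int:
    """E_K: run the Feistel rounds forward over one n-bit block."""
    left, right = block >> HALF_BITS, block & HALF_MASK
    for i in range(ROUNDS):
        left, right = right, left ^ round_function(key, i, right)
    return (right << HALF_BITS) | left       # swap halves on output


def decrypt_block(key: bytes, block: int) -> int:
    """E_K^{-1}: identical structure, round order reversed."""
    left, right = block >> HALF_BITS, block & HALF_MASK
    for i in reversed(range(ROUNDS)):
        left, right = right, left ^ round_function(key, i, right)
    return (right << HALF_BITS) | left


def is_permutation(key: bytes) -> bool:
    """Exhaustively check that E_K maps the 2^n blocks onto 2^n distinct blocks."""
    size = 1 << BLOCK_BITS
    return len({encrypt_block(key, m) for m in range(size)}) == size


def ctr_xor(key: bytes, nonce: int, data: bytes) -> bytes:
    """CTR mode: XOR data with E_K(nonce || counter). Encrypts and decrypts.

    Only encrypt_block is used, and no padding is needed. The counter must
    never repeat under one key and nonce, or keystream is reused.
    """
    block_bytes = BLOCK_BITS // 8
    n_blocks = -(-len(data) // block_bytes)          # ceiling division
    if not 0 <= nonce <= HALF_MASK:
        raise ValueError("nonce does not fit in its half of the counter block")
    if n_blocks > HALF_MASK + 1:
        raise ValueError("message too long: counter would wrap")
    stream = b"".join(
        encrypt_block(key, (nonce << HALF_BITS) | ctr).to_bytes(block_bytes, "big")
        for ctr in range(n_blocks)
    )
    return bytes(d ^ s for d, s in zip(data, stream))


if __name__ == "__main__":
    key = b"constructed demo key"                    # constructed sample key
    block = 0xBEEF
    assert decrypt_block(key, encrypt_block(key, block)) == block
    print("E_K is a permutation:", is_permutation(key))
    message = b"odd-length message!"                 # constructed sample input
    ciphertext = ctr_xor(key, 0x2A, message)
    print(ciphertext.hex(), ctr_xor(key, 0x2A, ciphertext))
```

The length check in `ctr_xor` is the part that carries over to real ciphers: once the counter wraps under the same key and nonce, two plaintext segments are XORed with the same keystream.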
Cryptographic hash functions can be built using block ciphers. See one-way compression function for descriptions of several such methods. The methods resemble the block cipher modes of operation usually used for encryption.
Just as block ciphers can be used to build hash functions, hash functions can be used to build block ciphers. Examples of such block ciphers are SHACAL, BEAR and LION.
Cryptographically secure pseudorandom number generators (CSPRNGs) can be built using block ciphers.
Message authentication codes (MACs) are often built from block ciphers. CBC-MAC, OMAC and PMAC are such MACs.
Authenticated encryption is also built from block ciphers. It means to both encrypt and MAC at the same time, that is, to provide both confidentiality and authentication. CCM, EAX, GCM and OCB are such authenticated encryption modes.
## References
- M. Liskov, R. Rivest, and D. Wagner, "Tweakable Block Ciphers", Crypto 2002.