Questions tagged [cbc]

Cipher block chaining (CBC) is a method for encrypting large amounts of data with a block cipher that can only encrypt fixed length plaintexts. When used with an unpredictable initialization vector (IV), it is secure against chosen plaintext attacks (CPA-secure).

CBC finally is removed from TLS 1.3.

491 questions

votes

2 answers

CBC mode with predictable IV ok if key is only used once?

Someone told me recently that using CBC mode with a predictable (e.g. all 0) IV is reasonably secure if a key is only used for encryption one time. I've gone through a couple of examples of chosen plaintext attacks against CBC mode with a…

cbc

asked Aug 30 '21 at 00:04

Swashbuckler

2,053
10
8

votes

1 answer

In CBC mode if 2 cipher blocks are same then is CBC still secure?

I was going through this question Why is it said that if we have a duplicate ciphertext block it can leak our information? and I was just wondering if there is a $P_i \oplus P_j= C_{i−1}\oplus C_{j−1}$ relationship, is CBC still secure? How does…

cbc

asked Oct 01 '19 at 02:16

Aish2410

votes

1 answer

Reverse the order of encryption and decryption in CBC mode. Does this work?

To encrypt a message, one uses the algorithm for doing a CBC decryption. To decrypt a message, one uses the algorithm for doing a CBC encryption. Does this work?

cbc

asked Apr 25 '19 at 05:25

randomjsmash

votes

2 answers

Cipher Block Chaining Ciphertext Alteration

I am new to cryptography. My professor's slides say that "Disadvantage: altered ciphertext only influences two blocks" for the CBC. However, since we xor the ciphertext from the previous block and the present plaintext, before encryption; it seems…

cbc

asked Sep 19 '18 at 08:57

Ninja Bug

votes

1 answer

Is it dangerous to use plaintext as IV in CBC?

Is it dangerous to use plaintext as IV in CBC? For example: I want to encrypt $p1$, $p2$ with CBC. However I use $p2$ as the IV for CBC purposes. What would be the risk of not using a IV based on random number(s)?

cbc

asked Sep 14 '13 at 11:39

tony

vote

2 answers

CBC Mode error during encryption

In CBC mode I know that if i get a corrupted Ci* block than Pi and Pi+1 will be wrong during the decryption, but i believe that this happens only when Ci* is not envolved during the feedback stage at the encryption, my question is what happens if…

cbc

asked Dec 01 '17 at 08:51

Alonso

vote

1 answer

Question about Cipher Block Chaining(CBC)

I'm studying at the moment the CBC Encryption method,and I was asked in an excercise how many bits would be wrong after decryption if during the transmission 2 bits are interchanged. My guess is that the whole bits are wrong due to how CBC works, am…

cbc

asked Apr 27 '16 at 14:19

vc73

votes

0 answers

CBC byte flipping attack

I'm learning how CBC works but i don't understand when altering the first 2 bytes of the ciphered text why the 1rst block and ONLY the first 2 bytes of the second block are altered. The first 2 bytes of the cypher text are altered using a xor…

cbc

asked Feb 20 '22 at 19:44

Nadim Hajj

votes

2 answers

Modification of block cipher in CBC mode

I know that CBC is not secure against data modification. Can someone explain to me by illustrating at an example how I could change the last block if I have the encryption of "0"? Thanks in advance

cbc

asked May 10 '18 at 18:23

BugsBuggy

votes

1 answer

CBC-MAC using predictable IV

Imagine you have a string of plaintext (a), IV (ai) and the MAC (am) for the plaintext (a). How can you generate a MAC (bm) for a different string of plaintext (b) - using an IV (ib) of your choice, using the same key - which you don't know and…

cbc

asked Apr 25 '18 at 13:35

user58341

votes

1 answer

Implications of reversing CBC encryption

What would be the security implications if we reverse CBC encyption? Here is a picture of CBC encryption: Here is a picture of CBC decryption: My guess is that the encryption would work if we ran the decryption process for encryption and encryption…

cbc

asked Feb 20 '15 at 05:05

mrQWERTY

votes

1 answer

Proof that counter mode of operation and CBC mode are CPA secure when pseudorandom permutations?

I know counter mode can be CPA secure, when used with block ciphers modeled as random permutations. If we use pseudo-random permutations, is it still CPA secure? Is there a proof? How about CBC mode? When used with block ciphers modeled as…

cbc

asked Oct 22 '14 at 02:33

user3754216