des_modes man page on DigitalUNIX

Printed from http://www.polarhome.com/service/man/?qf=des_modes&af=0&tf=2&of=DigitalUNIX

des_modes(7)							  des_modes(7)

NAME
       des_modes - Variants of DES and other crypto algorithms of OpenSSL

DESCRIPTION
       Several crypto algorithms for OpenSSL can be used in a number of modes.
       These modes are used, among other things, to operate block ciphers in a
       way similar to stream ciphers.

   Electronic Codebook Mode (ECB)
       Normally, this is found as the algorithm_ecb_encrypt() function.  64
       bits are enciphered at a time.  The order of the blocks can be
       rearranged without detection.  The same plaintext block always produces
       the same ciphertext block (for the same key) making it vulnerable to a
       dictionary attack.  An error will only affect one ciphertext block.

   Cipher Block Chaining Mode (CBC)
       Normally, this is found as the algorithm_cbc_encrypt() function.  Be
       aware that des_cbc_encrypt() is not really DES CBC (it does not update
       the IV); use the des_ncbc_encrypt() function instead.  A multiple of 64
       bits are enciphered at a time.  The CBC mode produces the same
       ciphertext whenever the same plaintext is encrypted using the same key
       and starting variable.  The chaining operation makes the ciphertext
       blocks dependent on the current and all preceding plaintext blocks and
       therefore blocks can not be rearranged.  The use of different starting
       variables prevents the same plaintext enciphering to the same
       ciphertext.  An error will affect the current and the following
       ciphertext blocks.

   Cipher Feedback Mode (CFB)
       Normally, this is found as the algorithm_cfb_encrypt() function.  A
       number of bits (j) <= 64 are enciphered at a time.  The CFB mode
       produces the same ciphertext whenever the same plaintext is encrypted
       using the same key and starting variable.  The chaining operation makes
       the ciphertext variables dependent on the current and all preceding
       variables and therefore j-bit variables are chained together and can
       not be rearranged.  The use of different starting variables prevents
       the same plaintext enciphering to the same ciphertext.  The strength of
       the CFB mode depends on the size of k (maximal if j == k).  Selection
       of a small value for j will require more cycles through the
       encipherment algorithm per unit of plaintext and thus cause greater
       processing overheads.  Only multiples of j bits can be enciphered.  An
       error will affect the current and the following ciphertext variables.

   Output Feedback Mode (OFB)
       Normally, this is found as the algorithm_ofb_encrypt() function.  A
       number of bits (j) <= 64 are enciphered at a time.  The OFB mode
       produces the same ciphertext whenever the same plaintext is enciphered
       using the same key and starting variable.  Moreover, in the OFB mode
       the same key stream is produced when the same key and start variable
       are used.  Consequently, for security reasons a specific start variable
       should be used only once for a given key.  The absence of chaining
       makes the OFB more vulnerable to specific attacks.  The use of
       different start variable values prevents the same plaintext
       enciphering to the same ciphertext, by producing different key streams.
       Selection of a small value for j will require more cycles through the
       encipherment algorithm per unit of plaintext and thus cause greater
       processing overheads.  Only multiples of j bits can be enciphered.  OFB
       mode of operation does not extend ciphertext errors in the resultant
       plaintext output.  Every bit error in the ciphertext causes only one
       bit to be in error in the deciphered plaintext.  OFB mode is not
       self-synchronizing.  If the two operations of encipherment and
       decipherment get out of synchronism, the system needs to be
       reinitialized.  Each reinitialization should use a value of the start
       variable different from the start variable values used before with the
       same key.  The reason for this is that an identical bit stream would be
       produced each time from the same parameters.  This would be susceptible
       to a known plaintext attack.
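
       The ECB, CBC and OFB properties described above, as an added example
       (not part of the original man page or of OpenSSL).  Assumptions: XTEA,
       a 64-bit block cipher, stands in for DES so the code needs no library;
       OFB runs with j = 64; the key, start variables and plaintext blocks are
       constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* XTEA (64-bit block) stands in for DES so the example needs no library. */
static uint64_t enc(uint64_t b, const uint32_t k[4]) {
    uint32_t v0 = (uint32_t)(b >> 32), v1 = (uint32_t)b, sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    return ((uint64_t)v0 << 32) | v1;
}
static void ecb(const uint64_t *p, uint64_t *c, int n, const uint32_t k[4]) {
    for (int i = 0; i < n; i++) c[i] = enc(p[i], k);
}
static void cbc(const uint64_t *p, uint64_t *c, int n, const uint32_t k[4], uint64_t iv) {
    for (int i = 0; i < n; i++) iv = c[i] = enc(p[i] ^ iv, k); /* chain on previous ciphertext */
}
static void ofb(const uint64_t *in, uint64_t *out, int n, const uint32_t k[4], uint64_t sv) {
    for (int i = 0; i < n; i++) out[i] = in[i] ^ (sv = enc(sv, k)); /* key stream ignores data */
}

/* Constructed key and plaintext blocks; P1 repeats its first block. */
static const uint32_t KEY[4] = {0x01234567u, 0x89abcdefu, 0xfedcba98u, 0x76543210u};
static const uint64_t P1[3] = {0x4141414141414141ull, 0x4141414141414141ull, 0x4242424242424242ull};
static const uint64_t P2[3] = {0x7365637265743031ull, 0x7365637265743032ull, 0x7365637265743033ull};

/* ECB: blocks 0 and 1 of P1 are equal, and so are their ciphertexts. */
int ecb_leaks_repeats(void) { uint64_t c[3]; ecb(P1, c, 3, KEY); return c[0] == c[1]; }
/* CBC: chaining hides the repeat, and a different starting variable changes the ciphertext. */
int cbc_hides_repeats(void) {
    uint64_t a[3], b[3];
    cbc(P1, a, 3, KEY, 1); cbc(P1, b, 3, KEY, 2);
    return a[0] != a[1] && a[0] != b[0];
}
/* OFB: P1 is known and sent under sv1; does that reveal P2 sent under sv2 with the same key? */
int ofb_known_plaintext_recovers(uint64_t sv1, uint64_t sv2) {
    uint64_t c1[3], c2[3];
    ofb(P1, c1, 3, KEY, sv1); ofb(P2, c2, 3, KEY, sv2);
    return (c1[0] ^ P1[0] ^ c2[0]) == P2[0]; /* c1 ^ p1 is the key stream for sv1 */
}
int main(void) {
    printf("ECB repeats visible: %d\n", ecb_leaks_repeats());
    printf("CBC repeats hidden:  %d\n", cbc_hides_repeats());
    printf("OFB reused SV leaks: %d, fresh SV leaks: %d\n",
           ofb_known_plaintext_recovers(7, 7), ofb_known_plaintext_recovers(7, 8));
    return 0;
}
```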

   Triple ECB Mode
       Normally, this is found as the algorithm_ecb3_encrypt() function.
       Encrypt with key1, decrypt with key2 and encrypt with key3 again.  As
       for ECB encryption but increases the key length to 168 bits.  There
       are theoretical attacks that make the effective key length 112 bits,
       but these attacks also require 2^56 blocks of memory, which is not very
       likely, even for the NSA.  If both keys are the same it is equivalent
       to encrypting once with just one key.  If the first and last key are
       the same, the key length is 112 bits.  There are attacks that could
       reduce the effective key strength to only slightly more than 56 bits,
       but these require a lot of memory.  If all 3 keys are the same, this is
       the same as normal ECB mode.

   Triple CBC Mode
       Normally, this is found as the algorithm_ede3_cbc_encrypt() function.
       Encrypt with key1, decrypt with key2 and then encrypt with key3.  As
       for CBC encryption but increases the key length to 168 bits with the
       same restrictions as for triple ECB mode.

								  des_modes(7)
Copyright (c) for man pages and the logo by the respective OS vendor.
