CBC (short for cipher-block chaining) is a
If we summarize this process into a formula, it would look like:
Note: In the formula above, we are assuming C0 to be the initialization vector.
Similarly, decryption using the CBC can be done using:
The same initialization vector (C0) will be used for decryption.
The greatest advantage CBC has over ECB is that, with CBC mode, identical blocks do not have the same cipher. This is because the initialization vector adds a random factor to each block; hence, why the same blocks in different positions will have different ciphers.
Although CBC mode is more secure, its encryption is not tolerant of block losses. This is because blocks depend on their previous blocks for encryption. So, if block Bi is lost, the encryption of all subsequent blocks will not be possible. This chained behavior also means that the encryption of blocks needs to be done sequentially, not in parallel. However, these disadvantages do not extend to decryption, which can be done in parallel if all ciphertext blocks are available and can tolerate block losses.
The OpenSSL toolkit provides a set of simple commands to encrypt using AES modes. The template command for encrypting a 128-bit AES with CBC mode is:
openssl enc -aes-128-cbc -e -in inputfile.txt -out cipher.bin -K
00112233445566778889aabbccddeeff -iv 0102030405060708
In the command above, we will enter the name of the file we want to encrypt after the -in
flag, and the name and format of the output file after the -out
flag. The hex value of the encryption key should be provided after the -K
flag, and the hex value of the initialization vector should be provided after the -iv
flag.
Free Resources