Advanced Encryption Standard(AES) is a symmetric encryption algorithm. AES is the industry standard as of now as it allows 128 bit, 192 bit and 256 bit encryption.Symmetric encryption is very fast as compared to asymmetric encryption and are used in systems such as database system. The AES engine requires a plain-text and a secret key for encryption and same secret key is used again to decrypt it.
If the data to be encrypted doesn't meet the block size requirement of 128 bits, it must be padded. Padding is the process of filling up the last block to 128 bits.
The AES algorithm has six modes of operation:
- ECB (Electronic Code Book)
- CBC (Cipher Block Chaining)
- CFB (Cipher FeedBack)
- OFB (Output FeedBack)
- CTR (Counter)
- GCM (Galois/Counter Mode)
We can apply the mode of operation in order to strengthen the effect of the encryption algorithm. Moreover, the mode of operation may convert the block cipher into a stream cipher. Each mode has its strengths and weaknesses. Let’s quickly review each one.
1. ECB:
This mode of operation is the simplest of all. The plaintext is divided into blocks with a size of 128 bits. Then each block is encrypted with the same key and algorithm. Therefore, it produces the same result for the same block. This is the main weakness of this mode, and it's not recommended for encryption. It requires padding data.
2. CBC:
In order to overcome the ECB weakness, CBC mode uses an Initialization Vector (IV) to augment the encryption. First, CBC uses the plaintext block xor with the IV. Then it encrypts the result to the ciphertext block. In the next block, it uses the encryption result to xor with the plaintext block until the last block.
In this mode, encryption can't be parallelized, but decryption can be parallelized. It also requires padding data.
3. CFB:
This mode can be used as a stream cipher. First, it encrypts the IV, then it will xor with the plaintext block to get ciphertext. Then CFB encrypts the encryption result to xor the plaintext. It needs an IV.
In this mode, decryption can be parallelized, but encryption can't be parallelized.
4. OFB:
This mode can be used as a stream cipher. First, it encrypts the IV. Then it uses the encryption results to xor the plaintext to get ciphertext.
It doesn’t require padding data, and won't be affected by the noisy block.
5. CTR:
This mode uses the value of a counter as an IV. It's very similar to OFB, but it uses the counter to be encrypted every time instead of the IV.
This mode has two strengths, including encryption/decryption parallelization, and noise in one block does not affect other blocks.
6. GCM:
This mode is an extension of the CTR mode. The GCM has received significant attention and is recommended by NIST. The GCM model outputs ciphertext and an authentication tag. The main advantage of this mode, compared to other operation modes of the algorithm, is its efficiency.