Highest Voted 'cbc' Questions - Cryptography Stack Exchange

92

votes

2 answers

What is the difference between CBC and GCM mode?

I am trying to learn more about GCM mode and how it differs from CBC. I already know that GCM provides a MAC, which is used for message authentication. From what I have read and from the code snippets I've seen, GCM does an exclusive-or much like…

asked Apr 08 '12 at 23:20

Bob Bryan

1,283
2
10
11

83

votes

9 answers

Should I use ECB or CBC encryption mode for my block cipher?

Can someone tell me which mode out of ECB and CBC is better, and how to decide which mode to use? Are there any other modes which are better?

encryption block-cipher modes-of-operation cbc ecb

asked Jul 21 '11 at 13:19

midhunhk

1,151
2
13
19

50

votes

2 answers

AES CBC mode or AES CTR mode recommended?

What are the benefits and disadvantages of CBC vs. CTR mode? Which one is more secure?

aes cbc ctr

asked Jan 19 '13 at 12:02

mary

1,071
3
11
13

40

votes

3 answers

Why is CBC with predictable IV considered insecure against chosen-plaintext attack?

I just learned that using CBC encryption with an IV which is predictable is not secure. From what I understand, using certain plain texts, and then guessing the IV that it uses, the attacker can verify if the IV he guessed was right. How does this…

encryption cbc initialization-vector chosen-plaintext-attack

asked Sep 26 '12 at 23:17

asudhak

501
1
4
5

39

votes

3 answers

Why was AES CBC removed in TLS 1.3?

I don't quite understand why AES CBC was removed in TLS1.3. From what I know CBC is the most secure Mode of operation for the AES block cipher (if you can say it like that). It only needs a TRND IV and has not been broken. If you pair it with a…

aes tls cbc modes-of-operation aes-gcm

asked Oct 26 '17 at 15:10

Richard R. Matthews

4,545
9
31
49

38

votes

2 answers

Why should I use an Initialization Vector (IV) when I have unique keys?

I took a look at “Why, or when, to use an Initialization Vector?” but my question is not the same. I have unique keys encrypting each plaintext (in CBC mode, AES-256) and I do not use a key to encrypt more than one plaintext. Is it insecure to use…

encryption aes cbc initialization-vector

asked Jun 06 '13 at 02:38

Ashwin

483
1
4
4

37

votes

1 answer

What is the advantage of XTS over CBC mode (with diffuser)?

I have some problems in understanding the "advantage" of AES-XTS compared to CBC with diffuser. I read something about FileVault, in this paper they mention the two modes of operations XTS and CBC (with diffuser) and the advantages of XTS. Both…

encryption modes-of-operation cbc xts

asked Dec 05 '12 at 12:01

tommynogger

473
1
4
4

33

votes

2 answers

7zip : Why does encrypting the same file with AES-256 not give the same output?

Using 7-zip 19.00, on Windows 10 1909, build 18363.592, I encrypted a text file with the contents "hello there" using AES-256 and the password "123". I did this two times, the exact same procedure, but as shown below, the output is…

encryption aes cbc

asked Feb 11 '20 at 17:57

super

463
1
4
9

29

votes

6 answers

Why not authenticate full-disk encryption?

Common FDE software (TrueCrypt, BitLocker, dm-crypt) doesn't authenticate ciphertext stored on the disk. The commonly cited reason is "it would take too much space", reasoning that you would need an authentication tag for every sector and that would…

authentication hmac cbc disk-encryption

asked Nov 03 '16 at 18:23

matejcik

393
3
5

24

votes

3 answers

Is AES in CBC mode secure if a known and/or fixed IV is used?

I have a need to encrypt credentials for a third-party app used by a secured internal app. Over on ITSec.SE, I was helpfully shown a scheme to encrypt the third-party credentials based on a hash of the credentials for the internal app. I picked AES…

aes modes-of-operation initialization-vector cbc

asked Oct 18 '12 at 16:07

KeithS

570
1
3
11

24

votes

3 answers

How can Cipher Block Chaining (CBC) in SSL be attacked?

I am trying to understand how CBC-mode in SSL/TLS can be attacked. I have been looking around online but all examples and explanations are very hard to understand and follow. Can you give a simple explanation for how such attacks happen?

tls cbc

asked Oct 27 '11 at 02:27

antonpug

341
1
2
4

22

votes

5 answers

Using CBC with a fixed IV and a random first plaintext block

What if, instead of using CBC mode in the normal way with a random IV, I used this approach: Use a fixed IV (like a block of 0's). Before encrypting, generate a random block and prepend it to the plaintext. After decrypting, ignore the first…

encryption block-cipher modes-of-operation initialization-vector cbc

asked Nov 19 '12 at 11:14

danieltorres

415
4
6

21

votes

4 answers

Can CBC ciphertext be decrypted if the key is known, but the IV not?

Let's say that there is a binary file encrypted with AES in CBC mode (i.e. using a key and initialization vector). If key is known, but IV is not, is it easy to fully decrypt the file? How hard is it?

encryption modes-of-operation cbc initialization-vector

asked Nov 05 '11 at 21:47

Ben

375
1
3
7

20

votes

1 answer

Bit Flipping Attack on CBC Mode

To perform a bit flipping attack, the previous block is modified by using XOR. This results in an altered plaintext. However, now the ciphertext of the previous block is altered, hence it will result in an invalid format. Am I correct or am I…

encryption cbc modes-of-operation

asked Dec 24 '18 at 10:07

CXB

341
1
2
4

20

votes

2 answers

Why do new versions of TLS use an explicit IV for CBC suites?

SSL 3.0 and TLS 1.0 used an insecure scheme to generate implicit IVs when encrypting records in CBC mode: they used the last part of the previous record, a value that can be predicted by the attacker. This attack was demonstrated in the BEAST…

protocol-design tls cbc initialization-vector

asked May 20 '12 at 12:43

CodesInChaos

25,121
2
90
129

Questions tagged [cbc]