|
Gecko Modes
|
|
Home page
Gecko Architecture
Modes: CBC, CTR, ECB, PCBC,
CFB, OFB
Test Harnesses and
Sample programs
Downloads
Building the Software
About Gecko
|
Gecko ships with several
encryption modes built-in.
These modes include CBC,
CTR, ECB, PCBP, CFB, and OFB.
Each mode is #ifdef’ed so
no modes but the one you want is included in final product. But the modes
are included natively within the Gecko module to provide the best speed and
smallest size.
This is because the
compiler can eliminate non-local jumps as well as inline the cryptographic
methods within the mode (say, CBC,) directly.
Here are the mode
implementations for reference.
Implementation note:
LOCAL is defined as static inline.
|
|
|
Native Gecko modes of operation
|
|
|
Cipher Block Chaining (CBC)
|
|
|
|
Ehrsam, Meyer, Smith and Tuchman invented the Cipher Block Chaining (CBC) mode of operation in 1976. In CBC mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block depends on all plaintext blocks processed up to that point. To make each message unique, an initialization vector must be used in the first block. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Block_Chaining_(CBC)
|
Images By WhiteTimberwolf
(SVG version) - PNG version, Public Domain,
https://commons.wikimedia.org/w/index.php?curid=26434095
|
|
|
LOCAL void GKO_EncryptCBC(GKO_state_t* state, uint8_t* bp)
{
GKO_XorWithCB(state, bp); // initially, this
is set to IV
GKO_Cipher(state, bp, GKO_cipher_forward); // encrypt
GKO_SetCB(state, bp); // store
ciphertext in chaining buffer
}
|
|
|
|
LOCAL void GKO_DecryptCBC(GKO_state_t* state, uint8_t* bp)
{
uint8_t ciphertext[GKO_BLOCK_SIZE]; // ciphertext
storage
memcpy(ciphertext, bp, GKO_BLOCK_SIZE); // backup
ciphertext
GKO_Cipher(state, bp,GKO_cipher_backward); // decrypt the
buffer
GKO_XorWithCB(state, bp); // XOR the
ciphertext chaining buffer
GKO_SetCB(state, ciphertext); // store ciphertext
in chaining buffer
}
|
|
|
|
Counter (CTR)
|
|
|
|
Note: CTR mode (CM) is also known as integer counter mode (ICM) and segmented integer counter (SIC) mode
Like OFB, Counter mode turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a "counter". The counter can be any function which produces a sequence which is guaranteed not to repeat for a long time, although an actual increment-by-one counter is the simplest and most popular. The usage of a simple deterministic input function used to be controversial; critics argued that "deliberately exposing a cryptosystem to a known systematic input represents an unnecessary risk."However, today CTR mode is widely accepted and any problems are considered a weakness of the underlying block cipher, which is expected to be secure regardless of systemic bias in its input. Along with CBC, CTR mode is one of two block cipher modes recommended by Niels Ferguson and Bruce Schneier. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Counter_(CTR)
|
|
|
|
LOCAL void GKO_EncryptCTR(GKO_state_t* state, uint8_t* bp)
{
GKO_Cipher(state, GKO_GetCB(state),GKO_cipher_symmetrical); // encrypt IV
GKO_XorWithCB(state, bp); // XOR the
plaintext with chaining buffer
GKO_SetCB(state,GKO_IncIv(state)); // store
incremented IV in chaining buffer
}
|
|
|
|
LOCAL void GKO_DecryptCTR(GKO_state_t* state, uint8_t* bp)
{
// symmetric encryption
GKO_EncryptCTR(state, bp);
}
|
|
|
|
Electronic Codebook (ECB)
|
|
| |
The simplest of the encryption modes is the Electronic Codebook (ECB) mode (named after conventional physical codebooks). The message is divided into blocks, and each block is encrypted separately. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_(ECB) |
|
|
|
LOCAL void GKO_EncryptECB(GKO_state_t* state, uint8_t* bp)
{
GKO_Cipher(state, bp, GKO_cipher_forward); // encrypt the
plaintext
}
|
|
|
|
LOCAL void GKO_DecryptECB(GKO_state_t* state, uint8_t* bp)
{
// symmetric encryption
GKO_Cipher(state, bp, GKO_cipher_backward);
}
|
|
|
|
Propagating CBC (PCBC)
|
|
| |
The Propagating Cipher Block Chaining or plaintext cipher-block chaining mode was designed to cause small changes in the ciphertext to propagate indefinitely when decrypting, as well as when encrypting. In PCBC mode, each block of plaintext is XORed with both the previous plaintext block and the previous ciphertext block before being encrypted. As with CBC mode, an initialization vector is used in the first block. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Propagating_Cipher_Block_Chaining_(PCBC) |
|
|
|
LOCAL void GKO_EncryptPCBC(GKO_state_t* state, uint8_t* bp)
{
uint8_t plaintext[GKO_BLOCK_SIZE]; // make a copy of
the plaintext
memcpy(plaintext,bp,GKO_BLOCK_SIZE);
GKO_XorWithCB(state, bp); // XOR plaintext
with chaining buffer
GKO_Cipher(state,bp, GKO_cipher_forward);// encrypt
GKO_SetCB(state, bp); // store
ciphertext in chaining buffer
GKO_XorToCB(state, plaintext); // XOR the
chaining buffer with the plaintext
}
|
|
|
|
LOCAL void GKO_DecryptPCBC(GKO_state_t* state, uint8_t* bp)
{
uint8_t ciphertext[GKO_BLOCK_SIZE]; // ciphertext
storage
memcpy(ciphertext, bp, GKO_BLOCK_SIZE); // backup
ciphertext
GKO_Cipher(state,bp,GKO_cipher_backward); // decrypt the
buffer
GKO_XorWithCB(state, bp); // XOR ciphertext
with chaining buffer
GKO_SetCB(state, ciphertext); // store
ciphertext in chaining buffer
GKO_XorToCB(state, bp); // XOR the
chaining buffer with the plaintext
}
|
|
|
|
Cipher Feedback (CFB)
|
|
| |
The Cipher Feedback (CFB) mode, a close relative of CBC, makes a block cipher into a self-synchronizing stream cipher. Operation is very similar; in particular, CFB decryption is almost identical to CBC encryption performed in reverse. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Feedback_(CFB) |
|
|
|
LOCAL void GKO_EncryptCFB(GKO_state_t* state, uint8_t* bp)
{
GKO_Cipher(state, GKO_GetCB(state),GKO_cipher_symmetrical); // encrypt IV
GKO_XorWithCB(state, bp); // XOR plaintext
with chaining buffer
GKO_SetCB(state,bp); // store
ciphertext in chaining buffer
}
|
|
|
|
LOCAL void GKO_DecryptCFB(GKO_state_t* state, uint8_t* bp)
{ uint8_t ciphertext[GKO_BLOCK_SIZE]; // ciphertext
storage
memcpy(ciphertext, bp, GKO_BLOCK_SIZE); // backup
ciphertext
GKO_Cipher(state, GKO_GetCB(state),GKO_cipher_symmetrical); // decrypt the IV
GKO_XorWithCB(state, bp); // XOR plaintext
with chaining buffer
GKO_SetCB(state,ciphertext); // store
ciphertext in chaining buffer
}
|
|
|
|
|
|
|
|
Output Feedback (OFB)
|
|
| |
The Output Feedback (OFB) mode makes a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext. Just as with other stream ciphers, flipping a bit in the ciphertext produces a flipped bit in the plaintext at the same location. This property allows many error correcting codes to function normally even when applied before encryption.
Because of the symmetry of the XOR operation, encryption and decryption are exactly the same. https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Output_Feedback_(OFB) |
|
|
|
LOCAL void GKO_EncryptOFB(GKO_state_t* state, uint8_t* bp)
{
uint8_t ciphertext[GKO_BLOCK_SIZE]; // ciphertext
storage
GKO_Cipher(state, GKO_GetCB(state),GKO_cipher_symmetrical); // encrypt IV
memcpy(ciphertext, GKO_GetCB(state), GKO_BLOCK_SIZE); // backup
ciphertext
GKO_XorWithCB(state, bp); // XOR plaintext
with chaining buffer
GKO_SetCB(state,ciphertext); // store
ciphertext in chaining buffer
}
|
|
|
|
LOCAL void GKO_DecryptOFB(GKO_state_t* state, uint8_t* bp)
{ // symmetric encryption
GKO_EncryptOFB(state, bp);
}
|
|
|