Score:0

How does AES-CBC encryption achieve non-repeating blocks of ciphertext?


I am very interested in encryption algorithms, especially the AES algorithm in symmetric encryption. To this end, I have studied a lot of theoretical material about the AES algorithm and the code samples I could obtain.

I wrote a 512-bit encryption algorithm after studying the AES-CBC-256 mode in detail.

I named this mode SZQ-CBC-512, but the output result is almost the same as that of AES-ECB-256 mode (that is, the data between different blocks is the same).

I will describe this problem in detail:

  1. The avalanche effect is very good because it uses the "column mixing", "row shifting" and "sub bytes" steps of the AES algorithm (it is effectively another implementation of an AES-like encryption algorithm).
  2. All inputs are 512 bits, that is to say, the blocks of "plaintext, key and ciphertext" are 64 bytes.

Then, in the process of implementation, if you enter a byte stream with a length of 128 bytes that is all "00", you will get data made up of two blocks.

The two blocks will be the same.

These are the GitHub repositories of the AES code samples I referred to.

https://github.com/SergeyBel/AES
https://github.com/jbheard/AEScrypt
https://github.com/4thrun/aes
https://github.com/HUTOYP/AES128_ECB_PKCS5Padding
---------------------------------------------
https://github.com/kokke/tiny-AES-c
This is the AES code sample repository that I have learned from and understood the most.

The following is an example output of the plaintext, key and ciphertext of the SZQ encryption algorithm.

Hex print
---------------------------------------------
Plaintext:
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
---------------------------------------------
Key:
d6d5fbc94fa63a8d95dcbf2e7b874f5f819d21a375471a99fac2c981d7dafffaf95b5f03b4eadadf0e223efaee787b62b55febb80e6743f8aec0dbae1f96eb9f
---------------------------------------------
Iv:
8cee7c6e27455ed363353caad7356038887fbe6d5aab2b4b0419672b823c6b7fe9791a296d50651a96ad52ac5ead6513cb14f72e7320dda27e50625ea346fe69
---------------------------------------------
Ciphertext:
b5d7daa268ab9467b5c92ce27212683aff0f14c702fbe6cad9b30bc0fc4f4ccbb131cc155809dfd9300af324427607619e76cd63cd2aed963db725058b90b44eb5d7daa268ab9467b5c92ce27212683aff0f14c702fbe6cad9b30bc0fc4f4ccbb131cc155809dfd9300af324427607619e76cd63cd2aed963db725058b90b44e

It can be seen that the data of the two blocks in the ciphertext are the same.

b5d7...b44eb5d7...b44e

However, I found that in the CBC mode of the AES algorithm, different blocks do not repeat, even over a very large range.

So I would like to know how the AES algorithm achieves this.
The following is the source code repository of the SZQ encryption algorithm I developed.

https://github.com/sngrotesque/SZQ

Amit: When properly used, CBC not only would minimize the probability of duplicate ciphertext blocks to be negligible, but also, given the same input plaintext to encrypt twice, would produce completely different resulting ciphertexts. You may want to take a closer look at the importance of generating a (cryptographically strong) random IV block to be used as input each time you encrypt a plaintext with CBC.
poncho: Note that, in the SZQ cipher, the RowsMix operation is not at all equivalent to the AES MixRows operation; in particular, it is not even close to being MDS (in the forward direction, you have a delta on 2 bytes in and 1 byte out); MixRows being MDS is crucial for the proofs that AES is immune to linear/differential cryptanalysis. In addition, how were the sboxes chosen (and why do you believe that they give good linear/differential properties)?
SN-Grotesque: As for the generation of the sbox, I first created a uint8 array of length 256 containing the values 0 to 255, and then used a random algorithm to shuffle it 16 times.
SN-Grotesque: At present, if the SZQ cipher only has ECB mode, can you analyze the security of this algorithm?
poncho: As for analyzing the security of the cipher, well, the sbox does have decent sized differential and linear characteristics (about what one would expect from a random sbox). And, there may be sparse paths through the cipher (as I pointed out about the RowsMix operation). As for finding a concrete differential or linear characteristic through the bulk of the cipher, well, that'd be more work than I'm interested in. What appears to be much harder is showing that there isn't one - can you do that? If not, why do you believe it might be secure?
SN-Grotesque: @poncho For the problem of "RowsMix", AES uses column mixing, so it looks completely different. You can simply understand it as: "AES is vertical processing, and this is horizontal processing of blocks". As for how to determine that it is safe: because this is a binary linear equation (?), because it uses two bytes of plaintext for the XOR operation, and each element has a prime number added to it.
Score:2

Have a look at the diagram in the CBC section of Wikipedia's article on modes of operation.

As indicated in that section:

In CBC mode, each block of plaintext is XORed with the previous ciphertext block before being encrypted. This way, each ciphertext block depends on all plaintext blocks processed up to that point.
