- Cryptography Tutorial
- Cryptography - Home
- Cryptography - Origin
- Cryptography - History
- Cryptography - Principles
- Cryptography - Applications
- Cryptography - Benefits & Drawbacks
- Cryptography - Modern Age
- Cryptography - Traditional Ciphers
- Cryptography - Need for Encryption
- Cryptography - Double Strength Encryption
- Cryptosystems
- Cryptosystems
- Cryptosystems - Components
- Attacks On Cryptosystem
- Cryptosystems - Rainbow table attack
- Cryptosystems - Dictionary attack
- Cryptosystems - Brute force attack
- Cryptosystems - Cryptanalysis Techniques
- Types of Cryptography
- Cryptosystems - Types
- Public Key Encryption
- Modern Symmetric Key Encryption
- Cryptography Hash functions
- Key Management
- Cryptosystems - Key Generation
- Cryptosystems - Key Storage
- Cryptosystems - Key Distribution
- Cryptosystems - Key Revocation
- Block Ciphers
- Cryptosystems - Stream Cipher
- Cryptography - Block Cipher
- Cryptography - Feistel Block Cipher
- Block Cipher Modes of Operation
- Electronic Code Book (ECB) Mode
- Cipher Block Chaining (CBC) Mode
- Cipher Feedback (CFB) Mode
- Output Feedback (OFB) Mode
- Counter (CTR) Mode
- Symmetric Algorithms
- Data Encryption Standard
- Triple DES
- Advanced Encryption Standard
- Data Integrity in Cryptography
- Data Integrity in Cryptography
- Message Authentication
- Cryptography Digital signatures
- Public Key Infrastructure
- Cryptography Useful Resources
- Cryptography - Quick Guide
- Cryptography - Discussion
Cryptography - Cipher Feedback (CFB) Mode
The Cipher Feedback (CFB) mode is quite similar to CBC; the main difference is that CFB is a stream mode. It eliminates patterns by using feedback (also known as chaining in stream modes). CFB, like CBC, uses an initialization vector to destroy patterns while propagating errors.
The CFB mode is a typical block cipher mode of operation that uses the block cipher algorithm. In this version, we support Data Encryption Standard (DES) and Advanced Encryption Standard (AES) processing; the cipherkey length for DES should be 64 bits, and 128/192/256 bits for AES. Another constraint is that our working mode operates on fixed-size units (64 or 128 bits per block), while text in the actual world varies in length.
As a result, the final block of text given to this primitive must be padded to 128 bits before it can be encrypted or decrypted. While CFB1 and CFB8 modes use the same interface as CFB128 mode, CFB1 and CFB8 modes process plaintext and ciphertext bit-by-bit or byte-by-byte rather than block-by-block.
Operation
The operation of the CFB mode is shown in the above image. In the current system, a message block has a size of 's' bits, where 1 < s < n. The initial random n-bit input block in the CFB mode needs to have an initialization vector (IV). The Initialization Vector does not need to be kept secret. Steps for operation are −
Load the IV into the top register.
Encrypt the data value in the top register with the underlying block cipher and key K.
To construct the ciphertext block, take only 's' number of most important bits (left bits) from the encryption process's output and XOR them with 's' bit plaintext message block.
Feed the ciphertext block into the top register by moving the existing data to the left, and repeat the operation until all plaintext blocks are processed.
Basically, the previous ciphertext block is encrypted with the help of the key, and the result is XORed with the current plaintext block.
Decryption follows similar methods. A predetermined IV is loaded at the start of decryption.
Analysis of CFB Mode
CFB mode differs considerably from ECB mode in that the ciphertext linked to a given plaintext block is determined not only by that plaintext block and the key, but also by the previous ciphertext block. In other words, the ciphertext block is dependent on the message.
CFB has a highly unusual property. In this mode, the user decrypts the ciphertext using the block cipher's encryption method. The decryption algorithm for the underlying block cipher is never used.
Apparently, CFB mode converts a block cipher into a stream cipher. The encryption algorithm functions as a key-stream generator, producing a key-stream that is stored in the bottom register. This key stream is then XORed with the plaintext, as is the case with stream ciphers.
CFB mode converts a block cipher into a stream cipher, giving it some of the advantages of a stream cipher while preserving the benefits of a block cipher.
On the other hand, transmission errors proliferate as a result of block changes.
Formula for CFB Mode
CFB (cipher feedback) is an AES block cipher mode similar to CBC in that it needs the previous block's cipher, Ci-1, to encrypt a block, Bi. Similar to CBC, CFB uses an initialization vector. The main difference is that in CFB, the previous block's ciphertext block is encrypted first before being XOR-ed with the block in focus.
To better understand this, consider CFB in the form of a formula −
Ci = EK(Ci-1) ⊕ Bi
where EK represents the block encryption algorithm with key K, and Ci-1 is the cipher for Bi-1.
Note that the calculation above assumes C0 to be the initialization vector.
Similarly, decryption using the CFB can be represented as follows −
Bi = EK(Ci-1)⊕(Ci)
It is important to understand that the decryption algorithm is not used here.
Bit-Width of CFB Mode
The below table show the bit-width of the interfaces that CFB mode offer −
| plaintext | ciphertext | cipherkey | IV | |
|---|---|---|---|---|
| CFB1-DES | 64 | 64 | 64 | 64 |
| CFB1-AES128 | 128 | 128 | 128 | 128 |
| CFB1-AES192 | 128 | 128 | 192 | 128 |
| CFB1-AES256 | 128 | 128 | 256 | 128 |
| CFB8-DES | 64 | 64 | 64 | 64 |
| CFB8-AES128 | 128 | 128 | 128 | 128 |
| CFB8-AES192 | 128 | 128 | 192 | 128 |
| CFB8-AES256 | 128 | 128 | 256 | 128 |
| CFB128-DES | 64 | 64 | 64 | 64 |
| CFB128-AES128 | 128 | 128 | 128 | 128 |
| CFB128-AES192 | 128 | 128 | 192 | 128 |
| CFB128-AES256 | 128 | 128 | 256 | 128 |
Advantages of CFB Mode
CFB (Cipher Feedback) mode can sometimes be faster than CBC (Cipher Block Chaining) mode because it does not need an additional decryption technique. This can improve performance, particularly in situations when encryption speed is essential.
CFB mode uses non-deterministic encryption, which means it cannot see patterns in the plaintext. This provides an additional layer of security by making it more challenging for attackers to determine information about the plaintext from the ciphertext.
Disadvantages of CFB Mode
Just like CBC mode, CFB mode cannot handle the loss of encrypted blocks. If even a single block is lost or corrupted throughout transmission, it might cause the decryption process to fail and leaving the entire message inaccessible.
Like CBC mode, CFB mode does not allow for concurrent encryption of many blocks. Each block's encryption is dependent on the previous ciphertext block, which limits the efficiency of parallel encryption techniques and may affect overall encryption speed.
While CFB mode can offer advantages in terms of speed and unpredictable encryption, it is more difficult to set up and understand than simpler modes like ECB (Electronic Codebook) mode. This additional level of complexity can lead to potential vulnerabilities if not properly implemented.
To Continue Learning Please Login