Tag: modes-of-operation

67 Should I use ECB or CBC encryption mode for my block cipher? 2011-07-21T13:19:43.667

63 What is the difference between CBC and GCM mode? 2012-04-08T23:20:36.817

62 What is the difference between PKCS#5 padding and PKCS#7 padding 2013-07-04T21:18:51.007

53 Hashing or encrypting twice to increase security? 2011-09-25T06:56:17.897

28 Why was AES CBC removed in TLS 1.3? 2017-10-26T15:10:49.513

27 Practical disadvantages of GCM mode encryption 2013-10-04T22:13:24.883

23 What is the advantage of XTS over CBC mode (with diffuser)? 2012-12-05T12:01:20.197

22 Why do we need special key-wrap algorithms? 2011-11-01T00:29:27.373

20 Using CBC with a fixed IV and a random first plaintext block 2012-11-19T11:14:38.023

20 Is (AES-)GCM parallelizable? 2015-08-13T20:29:35.420

19 (Why) should I avoid using a randomized IV for CTR mode? 2012-02-13T17:02:56.147

17 Is AES in CBC mode secure if a known and/or fixed IV is used? 2012-10-18T16:07:39.107

16 Why choose an authenticated encryption mode instead of a separate MAC? 2011-10-08T18:05:33.870

16 Why should I use Authenticated Encryption instead of just encryption? 2013-12-06T21:43:36.943

15 Is the CBC weakness in XML Encryption a new discovery? Are other applications vulnerable? 2011-10-23T17:14:01.480

14 Is CBC really dead? 2011-09-27T22:17:46.387

14 AES in ECB mode weakness 2011-10-14T10:26:23.447

13 Can CBC ciphertext be decrypted if the key is known, but the IV not? 2011-11-05T21:47:42.877

13 Is using a predictable IV with CFB mode safe or not? 2012-08-11T13:17:09.583

13 What is wrong with AES-CTR-HMAC-SHA256 - or why is it not in TLS? 2013-10-26T20:39:02.340

13 GCM vs CTR+HMAC tradeoffs 2014-03-01T03:26:55.997

12 Deterministic nonces in CTR mode 2012-04-16T08:29:47.317

12 Modes of operation that allow padding oracle attacks 2014-07-17T21:27:43.997

11 Using a Non-Random IV with modes other than CBC 2011-11-23T19:47:15.853

10 What are the details of the DES weakness of reusing the same IV in CBC mode with the same key? 2011-07-13T08:35:13.037

10 What is the difference between a 'cipher' and a 'mode of operation'? 2013-10-18T06:53:53.160

9 Encryption with "constant" initialization vector considered harmful 2012-05-09T06:17:10.130

9 AES plaintext is smaller than 128 bits - how to expand? 2013-04-25T14:27:24.423

9 Authenticated encryption mode for stream cipher? 2013-08-02T12:54:59.147

9 AES-CTR mode and the Biclique Attack 2013-11-06T15:31:14.723

8 Does AES-CTR require an IV for any purpose other than distinguishing identical inputs? 2012-01-03T23:36:18.827

8 Cipher Feedback Mode 2012-04-27T12:00:19.810

8 How can disk encryption systems (like Truecrypt) resist frequency analysis when they allow random access? 2012-05-08T03:42:18.283

8 Why doesn't CTR mode require blocking? 2012-11-05T12:09:56.533

8 Will varying plaintext compensate for a fixed initialisation vector? 2012-11-19T11:59:24.967

8 Is this encryption algorithm build from MD5 secure? 2013-03-06T13:43:29.373

8 Has GMAC mode a future outside GCM? 2013-06-16T14:05:56.710

8 Why is authenticated CFB mode insecure? 2014-12-16T15:20:12.053

8 Is the risk of a collision for OCB mode mitigated by upping the block size of the cipher? 2017-02-28T21:06:07.593

8 Is CBC mode with a fixed IV secure, if a counter is prepended to the plaintext? 2017-05-10T19:50:00.370

7 CBC - a canonical mode, even though there are streaming modes 2012-03-12T21:30:30.870

7 Abstracting primitives and modes of operation 2012-06-26T18:27:10.240

7 Why, or when, to use an Initialization Vector? 2012-10-28T18:13:10.153

7 Security of authenticated encryption modes GCM & CCM 2013-06-15T14:02:06.907

7 Practical uses of Manipulation Detection Code (MDC) and IGE 2013-07-23T19:47:00.617

7 Why does CTR mode XOR the plaintext into the output of the block cipher rather than XORing the plaintext into the input of the block cipher? 2014-03-04T07:01:35.083

7 Why do some block cipher modes of operation only use encryption while others use both encryption and decryption? 2014-04-12T23:46:16.737

7 Difference between a nonce and IV 2014-05-04T17:46:22.493

7 Where is CFB-MAC defined? 2015-08-29T08:17:22.600

7 KFB mode - key feedback 2015-10-30T00:23:36.643

7 Should I use “modes of operation” for a single block of data? 2016-12-13T15:08:58.197

7 Maximum Number of Blocks to be Encrypted under One Key in CBC and CTR Mode? 2017-09-14T08:58:55.660

6 Is it safe to store initial counter value for AES-CTR alongside with ciphertext? 2011-12-09T14:22:56.973

6 Replay attack in ECB mode 2012-07-02T10:10:42.790

6 Single-purpose symmetric encryption scheme for single files 2013-03-30T01:03:36.783

6 Why is it said that if we have a duplicate ciphertext block it can leak our information? 2013-07-17T17:57:12.227

6 How do we compute IV+1 in CTR mode? 2014-07-21T15:15:46.733

6 Streaming mode of operation that is more resistant against nonce reuse 2014-08-10T17:57:09.573

6 OCB and GCM security 2014-08-26T05:38:26.317

6 Choice of authenticated encryption mode for whole messages 2014-08-28T10:54:12.903

6 Turning a 64 bit block cipher into a 128 bit block cipher 2015-06-18T20:03:57.580

6 Effect of ESSIV when used with XTS 2015-09-14T01:04:55.150

6 Should Increment functions be near-constant time? 2015-11-03T00:52:42.423

6 Is IPsec IND-CCA secure provided the used block cipher is a pseudorandom function? 2016-01-06T13:21:51.493

6 Is it feasable to combine ECB and CTR block modes of operation? 2016-10-12T11:38:44.630

6 What is the best mode of operation for file encryption with Threefish512? 2017-02-02T01:36:04.870

6 CBC-Mode Infinite Garble Extension 2017-02-13T17:58:18.120

5 Which one of the Block Cipher modes is the best? 2012-02-20T03:56:24.020

5 Why does CBC decryption with a wrong IV still give readable results? 2012-06-11T17:11:35.543

5 How much data can I encrypt with AES before I need to change the key in CBC mode? 2013-05-21T15:25:10.150

5 Is this method of deterministically using CBC secure? 2013-08-09T00:24:40.380

5 What (precisely) is a block cipher? 2013-10-12T11:18:48.200

5 GCM: Math behind update of AAD after ciphertext has been processed 2014-09-16T13:06:33.487

5 Is there any area where AES-CBC cannot be used ? If so, why? 2014-09-23T16:24:10.447

5 Secure method for encrypting 32 byte private keys 2015-09-24T16:33:09.353

5 A block cipher whose key changes after each block 2016-04-02T21:37:41.783

5 How many blocks can securely be encrypted with XTS 2016-05-17T20:27:33.763

5 Is the CBC mode of operation a stream cipher mode? 2017-09-01T18:12:37.043

5 How can I encrypt more than 128 bits of data with AES? 2017-09-12T15:17:29.787

4 What is the likely cause the RSA algorithm gives back plain text in this case? 2011-10-04T08:11:37.937

4 Does this block cipher mode allow for decryption? 2011-12-21T17:32:38.083

4 Undecrypt using the OpenSSL EVP API? 2012-02-12T16:14:59.910

4 Which block cipher modes of operation allow a predictable IV? 2012-08-10T13:31:08.660

4 Symmetric encryption mode where ciphertext size is plain text size 2013-02-22T12:56:44.757

4 Does EAX use the same keys for encryption and authentication? 2013-06-25T17:35:19.117

4 Is it possible to insert a key derivation function when using EAX? 2013-07-02T16:13:02.930

4 Can CBC-encrypted files be modified in-place? 2013-07-18T09:32:08.703

4 CTR mode nonce with aggressive key rotation policy 2013-07-19T22:57:31.793

4 Swapping Key and IV in AES? Safe? 2013-08-05T20:37:09.473

4 Increasing the diffusion of the AES-CBC encryption algorithm in pycrypto for python 2013-12-06T07:44:28.433

4 Authenticated encryption without padding 2014-03-06T12:29:19.250

4 How do I decide what mode to use? 2014-06-21T23:40:40.137

4 How to encrypt a file for random access 2014-08-17T17:12:49.113

4 What's the consequence of having a short IV? Is one mode better in that case? 2014-08-22T21:09:01.120

4 Authenticating Very Short (Sub-Block) Data 2014-09-18T19:03:22.057

4 Modes of encryption for hard drives? 2014-11-19T12:06:53.473

4 Why are there no MACs inspired by block cipher modes other than CBC and CFB? 2015-01-03T22:26:21.963

4 Encryption for a short packet size 2015-01-06T06:51:09.750

4 Why isn't CTR mode (counter mode) used more often? 2015-01-27T22:32:22.990