14.4 Modes of operation
In the previous sections, we have discussed in detail how a block cipher encrypts a single block of plaintext data. But how should we proceed when faced with a large number of blocks? There are several possible answers to this question, each coming with its own advantages and disadvantages. The different approaches for encrypting a large number of blocks using a certain block cipher are called modes of operation.
As of the writing of this book, the following block cipher modes are approved by NIST:
The modes ECB, CBC, OFB, CFB, CTR, XTS-AES, FF1, and FF3, which can be used to achieve confidentiality
CMAC mode, which can be used to achieve authentication
The CCM, GCM, KW, KWP, and TKW modes, which combine confidentiality and message authentication
14.4.1 ECB mode
The Electronic Code Book (ECB) mode, shown in Figure 14.6, is the most straightforward mode of operation, where the ciphertext is obtained by directly applying the block cipher to the plaintext...