COUNTER MODE DEVELOPMENT FOR BLOCK CIPHER OPERATIONS

: There are two basic types of symmetric cipher: block ciphers and stream ciphers. Block ciphers operate on blocks of plaintext and ciphertext—usually of 64 bits but sometimes longer. Stream ciphers operate on streams of plaintext and ciphertext one bit or byte (sometimes even one 32-bit word) at a time. The Block cipher modes of operation can be applied as both stream and block cipher.In this paper we introduce three developments of Counter Mode of Operation of Block cipher. These developments merge between advantages of Counter Mode with other Modes. This gives a good secure Modes for General purpose block-oriented transmission Authentication, Random access, Stream-oriented transmission over noisy channel.


Introduction:
A cryptographic mode usually combines the basic cipher, some sort of feedback, and some simple operations.The operations are simple because the security is a function of the underlying cipher and not the mode.Even more strongly, the cipher mode should not compromise the security of the underlying algorithm.
There are other security considerations: Patterns in the plaintext should be concealed, input to the cipher should be randomized, manipulation of the plaintext by introducing errors in the ciphertext should be difficult, and encryption of more than one message with the same key should be possible.Efficiency is another consideration.The mode should not be significantly less efficient than the underlying cipher.In some circumstances it is important that the ciphertext be the same size as the plaintext.A third consideration is faulttolerance.Some applications need to parallelize encryption or decryption, while others need to be able to preprocess as much as possible.It is important that the decrypting process be able to recover from bit errors in the ciphertext stream, or dropped or added bits.As we will see, different modes have different subsets of these characteristics [1].

BLOCK CIPHER MODES OF OPERATION
A block cipher algorithm is a basic building block for providing data security.To apply a block cipher in a variety of applications, four "modes of operation" have been defined by NIST.In essence, a mode of operation is a technique for enhancing the effect of a cryptographic algorithm or adapting the algorithm for an application, such as applying a block cipher to a sequence of data blocks or a data stream.The four modes are intended to cover virtually all the possible applications of encryption for which a block cipher could be used.These modes are intended for use with any symmetric block cipher, including triple DES and AES.The modes are summarized in Table 1 and described briefly in the next section [2].

Electronic Codebook Mode
The simplest mode is the electronic codebook (ECB) mode, in which plaintext is handled one block at a time and each block of plaintext is encrypted using the same key [2].The term codebook is used because, for a given key, there is a unique ciphertext for every b-bit block of plaintext always using the same key.Consider the plaintext (padded as necessary) consists of a sequence of b-bit blocks, P1, P2,..., PN; the corresponding sequence of ciphertext blocks is C1, C2,..., CN.
The ECB method is ideal for a short amount of data, such as an encryption key.Thus, if you want to transmit a DES key securely, ECB is the appropriate mode to use.The most significant characteristic of ECB is that the same b-bit block of plaintext, if it appears more than once in the message, always produces the same ciphertext.Therefore, we can imagine a gigantic codebook in which there is an entry for every possible b-bit plaintext pattern showing its corresponding ciphertext.For a message longer than b bits, the procedure is simply to break the message into b-bit blocks, padding the last block if necessary.Decryption is performed one block at a time, For lengthy messages, the ECB mode may not be secure.If the message is highly structured, it may be possible for a cryptanalyst to exploit these regularities.For example, if it is known that the message always starts out with certain predefined fields, then the cryptanalyst may have a number of known plaintext-ciphertext pairs to work with.If the message has repetitive elements, with a period of repetition a multiple of b bits, then these elements can be identified by the analyst.This may help in the analysis or may provide an opportunity for substituting or rearranging blocks [1].

Cipher Block Chaining Mode
Chaining adds a feedback mechanism to a block cipher: The results of the encryption of previous blocks are fed back into the encryption of the current block.In other words, each block is used to modify the encryption of the next block.Each ciphertext block is dependent not just on the plaintext block that generated it but on all the previous plaintext blocks and previous ciphertext block before it is encrypted.In cipher block chaining (CBC) mode, the plaintext is XORed with the CBC encryption in action [2].After a plaintext block is encrypted, the resulting ciphertext is also stored in a feedback register.Before the next plaintext block is encrypted, it is XORed with the feedback register to become the next input to the encrypting routine.The resulting ciphertext is again stored in the feedback register, to be XORed with the next plaintext block, and so on until the end of the message.The encryption of each block depends on all the previous blocks.
Decryption is just as straightforward [2].A ciphertext block is decrypted normally and also saved in a feedback register.After the next block is decrypted, it is XORed with the results of the feedback register.Then the next ciphertext block is stored in the feedback register, and so on, until the end of the message [1].
Mathematically, this looks like:

Cipher-Feedback Mode
Block ciphers can also be implemented as a self-synchronizing stream cipher; this is called cipher-feedback (CFB) mode.With CBC mode, encryption cannot begin until a complete block of data is received.This is a problem in some network applications.In a secure network environment, for example, a terminal must be able to transmit each character to the host as it is entered.When data has to be processed in byte-sized chunks, CBC mode just won't do.
In CFB mode, data can be encrypted in units smaller than the block size.The following example will encrypt one ASCII character at a time (this is called 8-bit CFB), but nothing is sacred about the number eight.You can encrypt data one bit at a time using 1bit CFB, although using one complete of the block cipher to speed things up is not recommended [3].
The 8-bit CFB mode is working with a 64-bit block algorithm [2].A block algorithm in CFB mode and can also use 64-bit CFB, or any n-bit CFB where n is less than or equal to the block size operates on a queue the size of the input block.Initially, the queue is filled with an IV, as in CBC mode.The queue is encrypted and the left-most eight bits of the result are XORed with the first 8-bit character of the plaintext to become the first 8-bit character of the ciphertext.This character can now be transmitted.The same eight bits are also moved to the right-most eight bit positions of the queue, and all the other bits move eight to the left.The eight left-most bits are discarded.Then the next plaintext character is encrypted in the same manner.Decryption is the reverse of this process.On both the encryption and the decryption side, the block algorithm is used in its encryption mode [1].

Output-Feedback Mode
Output-feedback (OFB) mode is a method of running a block cipher as a synchronous stream cipher.It is similar to CFB mode, except that n bits of the previous output block are moved into the right-most positions of the queue.Decryption is the reverse of this process.This is called n-bit OFB.On both the encryption and the decryption sides, the block algorithm is used in its encryption mode.This is sometimes called internal feedback, because the feedback mechanism is independent of both the plaintext and the ciphertext streams [4].
If n is the block size of the algorithm, then n-bit OFB looks like: Ci = Pi  Si ; Si = EK(Si-1) Pi = Ci  Si ; Si = EK(Si-1)

Counter Mode
Block ciphers in as counter mode use sequence numbers as the input to the algorithm [5,6,7].Instead of using the output of the encryption algorithm to fill the register, the input to the register is a counter.After each block encryption, the counter increments by some constant, typically one.The synchronization and error propagation characteristics of this mode are identical to those of OFB.Counter mode solves the OFB mode problem of n-bit output where n is less than the block length.
Although interest in the counter mode (CTR) has increased recently, with applications to ATM (asynchronous transfer mode) network security and IPSec (IP security), this mode was proposed early on (e.g., [6]).
Figure .1 depicts the CTR mode.A counter, equal to the plaintext block size is used.The only requirement stated in SP 800-38A is that the counter value must be different for each plaintext block that is encrypted.Typically, the counter is initialized to some value and then incremented by 1 for each subsequent block (modulo 2b where b is the block size).For encryption, the counter is encrypted and then XORed with the plaintext block to produce the ciphertext block; there is no chaining.For decryption, the same sequence of counter values is used, with each encrypted counter XORed with a ciphertext block to recover the corresponding plaintext block.
This limits the maximum throughput of the algorithm to the reciprocal of the time for one execution of block encryption or decryption.In CTR used, with each encrypted counter XORed with a ciphertext block to recover the corresponding plaintext block mode, the throughput is only limited by the amount of parallelism that is achieved.Software efficiency: Similarly, because of the opportunities for Lists the following advantages of CTR mode: [8] Hardware efficiency: Unlike the three chaining modes, encryption (or decryption) in CTR mode can be done in parallel on multiple blocks of plaintext or ciphertext.For the chaining modes, the algorithm must complete the computation on one block before beginning on the next block.Software efficiency: Similarly, because of the opportunities for parallel execution in CTR mode, processors that support parallel features, such as aggressive pipelining, multiple instruction dispatch per clock cycle, a large number of registers, and SIMD instructions, can be effectively utilized.

Figure.1: Counter Mode
Preprocessing: The execution of the underlying encryption algorithm does not depend on input of the plaintext or ciphertext.Therefore, if sufficient memory is available and security is maintained, preprocessing can be used to prepare the output of the encryption boxes that feed into the XOR functions in Figure .1.When the plaintext or ciphertext input is presented, then the only computation is a series of XORs.Such a strategy greatly enhances throughput.
Random access: The ith block of plaintext or ciphertext can be processed in random-access fashion.With the chaining modes, block Ci cannot be computed until the i -1 prior block are computed.There may be applications in which a ciphertext is stored and it is desired to decrypt just one block; for such applications, the random access feature is attractive.
Provable security: It can be shown that CTR is at least as secure as the other modes discussed in this section.
Simplicity: Unlike ECB and CBC modes, CTR mode requires only the implementation of the encryption algorithm and not the decryption algorithm.This matters most when the decryption algorithm differs substantially from the encryption algorithm, as it does for AES.In addition, the decryption key scheduling need not be implemented

CHOOSING A CIPHER MODE
The DES only specifies the encipherment a block of 64 bits.DES can be extended to encipher plaintext of arbitrary length in two ways.The Standard Extension of DES divides the plaintext into 8-byte blocks [9].
If simplicity and speed are your main concerns, ECB is the easiest and fastest mode to use a block cipher.It is also the weakest.Besides being vulnerable to replay attacks, an algorithm in ECB mode is the easiest to cryptanalyze.For encrypting random data, such as other keys, ECB is a good mode to use.Since the data is short and random, none of the shortcomings of ECB matter for this application.
For normal plaintext, use CBC, CFB, or OFB.Which mode you choose depends on your specific requirements.
CBC is generally best for encrypting files.The increase in security is significant; and while there are sometimes bit errors in stored data, there are almost never synchronization errors.
If your application is software-based, CBC is almost always the best choice.
CFB-specifically 8-bit CFB-is generally the mode of choice for encrypting streams of characters when each character has to be treated individually, as in a link between a terminal and a host.OFB is most often used in high-speed synchronous systems where error propagation is intolerable.OFB is also the mode of choice if preprocessing is required.
OFB is the mode of choice in a errorprone environment, because it has no error extension.Stay away from the weird modes.One of the four basic modes-ECB, CBC, OFB, and CFB-is suitable for almost any application.These modes are not overly complex and probably do not reduce the security of the system.While it is possible that a complicated mode might increase the security of a system, most likely it just increases the complexity.None of the weird modes has any better error propagation or error recovery characteristics [1].

DEVELOPMENT OF MODES
In this section we introduce three developed variation methods of the Counter Mode.We exploit some of advantages and characteristics of Counter Mode.These advantages may be added into previous other modes to introduce the following developed methods.

Counter Cipher Block Chaining (CCBC) Mode
Counter adds a Block Chaining mechanism to a block cipher.The results of the encryption of previous blocks are fed back into the encryption of the current block.In other words, block is used to modify the encryption of the next block.Each ciphertext block is dependent not just on the plaintext block that generated it but on all the previous plaintext blocks and Counter.The counter cipher block chaining (CCBC) mode is illustrated in Figure .2.In this scheme, the input to the encryption algorithm is the XOR of the current Counter block and the preceding ciphertext block; the same key is used for each block.In effect, we have chained together the processing of the sequence of plaintext blocks.The input to the encryption function for each plaintext block bears no fixed relationship to the plaintext block.The output of the encryption function is XORed with current plaintext to produce the current ciphertext.Therefore, repeating patterns of bits are not exposed.
For decryption, each cipher block is passed through the decryption algorithm.The result is XORed with the preceding ciphertext block to produce the plaintext block.
Note that it is the encryption function that is used, not the decryption function.This is easily explained.

Counter Cipher Feedback (CCFB) Mode
The Block Cipher scheme is essentially a block cipher technique that uses b-bit blocks.However, it is possible to convert into a stream cipher, using the Counter cipher feedback (CCFB).A stream cipher eliminates the need to pad a message to be an integral number of blocks.It also can operate in real time.Thus, if a character stream is being transmitted, each character can be encrypted and transmitted immediately using a character-oriented stream cipher.
One desirable property of a stream cipher is that the ciphertext be of the same length as the plaintext.Thus, if 8-bit characters are being transmitted, Each character should be encrypted to produce a cipher text output of 8 bits.
If more than 8 bits are produced, transmission capacity is wasted.Figure .3depicts the CCFB scheme.In the figure, it is assumed that the unit of transmission is s bits; a common value is s = 8.As with CCBC, the units of plaintext are chained together, so that the ciphertext of any plaintext unit is a function of all the preceding plaintext.In this case, rather than units of b bits, the plaintext is divided into segments of s bits.For decryption, the same scheme is used, except that the received ciphertext unit is XORed with the output of the encryption function to produce the plaintext unit.Note that it is the encryption function that is used, not the decryption function.This is easily explained.Let S s (X) be defined as the most significant s bits of X.
Then Therefore, The same reasoning holds for subsequent steps in the process.The general encryption/decryption functions are:

Counter Output Feedback (COFB) Mode
The Counter output feedback (COFB) mode is similar in structure to that of CCFB, as illustrated in Figure .4.As can be seen, it is the output of the encryption function that is fed back to the shift register in COFB, whereas in CCFB the ciphertext unit is fed back to the shift register.One advantage of the COFB method is that bit errors in transmission do not propagate.For example, if a bit error occurs in C1 only the recovered value of is P1 affected; subsequent plaintext units are not corrupted.With CCFB, C1 also serves as input to the shift register and therefore causes additional corruption downstream.The disadvantage of OFB is that it is more vulnerable to a message stream modification attack than is CFB.Consider that complementing a bit in the ciphertext complements the corresponding bit in the recovered plaintext.Thus, controlled changes to the recovered plaintext can be made.This may make it possible for an opponent, by making the necessary changes to the checksum portion of the message as well as to the data portion, to alter the ciphertext in such a way that it is not detected by an error-correcting code [11].We can solve this problem by adding the Counter for each block XORed

Implementation
This section introduces the implementation of the three developed methods of Counter Mode.The proposed techniques are implemented using Visual Basic V6, the plaintext can be input as a printed text or as text file, where the key is inserted as an eight bytes.The execution time is approximately identical between equivalent modes, but the developed modes may give more security due to the chaining and feedback.

Discussion and Conclusions
One of the four basic modes-ECB, CBC, OFB, and CFB-is suitable for almost any application.These modes are not overly complex and probably do not reduce the security of the system.While it is possible that a complicated mode might increase the security of a system, most likely it just increases the complexity.

Figure. 3
Figure.3: s-bit Counter Cipher Feedback (CCFB) Mode First, consider encryption.The input to the encryption function is a b-bit shift register that is initially set to some initialization vector (IV) XORed with the Counter.The leftmost (most significant) s bits of the output of the encryption function are XORed with the first segment of plaintext P 1 to produce the first unit of ciphertext C 1 , which is then transmitted.In addition, the contents of the shift register are shifted left by s bits and C 1 is placed in the rightmost (least significant) s bits of the shift

Counter Cipher Block Chaining (CCBC) can
be describing as: The input to the encryption algorithm is the Counter is XORed with the preceding 64 bits of ciphertext or IV for first step.The output the encryption algorithm is XORed of plaintext to produce the next 64 bits ciphertext.It is applied to General purpose block oriented transmission, Authentication and Random Access.Counter Cipher Feedback (CCFB) can be describing as: Input is processed b-bits at a time.Preceding ciphertext is XORed with Counter and used as input to the encryption algorithm to produce pseudorandom output, which is XORed with plaintext to produce next unit of ciphertext.It is applied to General purpose stream oriented transmission, Authentication and Random Access.Counter Output Feedback (COFB) can be describing as: Similar to CCFB, except that the input to the encryption algorithm is the preceding block encryption output.It is applied to Stream-oriented transmission over noisy channel e.g., satellite communication.Finally, all developed methods are more secure than Original Counter Mode due to the Chaining and feedback.