This preview shows page 1. Sign up to view the full content.
Unformatted text preview: ripleencryption modes: InnerCBC: Encrypt the entire file in CBC mode three different times (see Figure 15.1a). This requires three different IVs. Ci = EK3(Si • Ci  1); Si = DK2(Ti • Si  1); Ti = EK1(Pi • Ti  1) Pi = Ti  1 • DK1(Ti); Ti = Si  1 • EK2(Si); Si = Ci  1 • DK3(Ci) C0, S0, and T0 are IVs. OuterCBC: Tripleencrypt the entire file in CBC mode (see Figure 15.1b). This requires one IV. Ci = EK3(DK2(EK1(Pi • Ci  1))) Pi = Ci  1 • DK1(EK2(DK3(Ci))) Previous Table of Contents Next Products  Contact Us  About Us  Privacy  Ad Info  Home Use of this site is subject to certain Terms & Conditions, Copyright © 19962000 EarthWeb Inc. All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement. To access the contents, click the chapter and section titles. Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)
Go!
Keyword
Brief Full Advanced Search Search Tips (Publisher: John Wiley & Sons, Inc.) Author(s): Bruce Schneier ISBN: 0471128457 Publication Date: 01/01/96 Search this book:
Go! Previous Table of Contents Next
 Both modes require more resources than single encryption: more hardware or more time. However, given three encryption chips, the throughput of innerCBC is no slower than single encryption. Since the three CBC encryptions are independent, three chips can be kept busy all the time, each feeding back into itself. On the other hand, outerCBC feedback is outside the three encryptions. This means that even with three chips, the throughput is only onethird that of single encryption. To get the same throughput with outerCBC, you need to interleave IVs (see Section 9.12): Figure 15.1 Triple encryption in CBC mode. Ci = EK3(DK2(EK1(Pi • Ci3))) In this case C0, C1, and C2 are IVs. This doesn’t help software implementations any, unless you have a parallel machine. Unfortunately, the simpler mode is also the least secure. Biham analyzed various modes with respe...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details