7. The Bedrock of Cybersecurity: Cryptography 163 Figure 7.8 Using OpenSSL to encrypt and decrypt a message. Block sizes can technically be any length, but AES uses a 128 bit block size. To encrypt, the input is chunked into 128 bit blocks. The first block of the plaintext (P1) is fed into the encryption algorithm along with the key to produce the first ciphertext block (C1). Then the next block (P2) is transformed into C2, and so on until all of the plaintext blocks are consumed. As many ciphertext blocks as are needed to encrypt the plaintext will be produced by this process.The last block of plaintext is almost always a partial block. This is because plaintexts can be any length, and the chance of them being a multiple of the blocksize is low. A padding protocol must be defined to deal with partial blocks. Padding is filler bits that the cryptosystem adds to the final plaintext block to make it exactly the block size. The padding protocol defines the scheme for adding padding in such a way that the padded bits can be positively identified and stripped away by the decryption process. Adding and stripping away padding is performed by block cipher cryptosystems under the hood—users never see the padding. Like keystream algorithms, block cipher encryption is deterministic. Given the same encryption algorithm and the same key, the same plaintext block will always produce the same ciphertext block. This is a weakness because it reveals information about the underlying plaintext. If an adversary observes the same ciphertext blocks, he knows the corresponding plaintext blocks are also the same. This is a serious issue if a plaintext file has long sections of repeated bits. Figure 7.9 shows a plaintext image file of a black and white treasure map and the resulting ciphertext.3 Although it is not quite as clear, the path to the X that marks the spot of the hidden treasure can be easily identified in the encrypted file! The problem is not with the encryption algorithm or the key—both are industry strength—but with the fact that the image has many repeated sections of white 3 In Figures 7.9 and 7.10, the plaintext image header was copied to the encrypted file so the encrypted image could be rendered—no other data was modified.
RkJQdWJsaXNoZXIy MTM4ODY=