Encryption is a process of transforming information (referred to as plaintext) into an unreadable form (referred to as ciphertext). Decryption is a transformation that recovers the plaintext from the ciphertext. A cipher performs a transformation that is controlled using a symmetric key (same key used for ciphering and deciphering) or an asymmetric key (different keys used for ciphering and deciphering) such that when the key is input to the cipher along with plaintext, the plaintext is enciphered via an encryption transformation, and when the key is input to the cipher along with ciphertext, the ciphertext is deciphered via a decryption transformation (which is an inverse of the encryption transformation). Encryption transformations are performed by an encryption algorithm (function) of a cipher, and decryption transformations are performed by a decryption algorithm (function) of the cipher. As such, the term “encipher” and “encrypt” may be used interchangeably in the following discussion. Likewise, the term “decipher” and “decrypt” may also be used interchangeably in the following discussion.
Encryption is used to protect military and civilian systems, examples of which include Internet e-commerce, mobile telephone networks, bank automatic teller machines, etc. As technology and computing power advance, new vulnerabilities are commonly discovered for encryption mechanisms that were previously considered secure.
Conventionally, ciphertext block chaining provides an encryption mode to prevent an attacker from being able to create a code table from commonly repeated blocks. For instance, a block of space characters typically results in the same ciphertext block. Specifically, an output stream is prepended with a random block, which is referred to as an initialization vector (IV). For a block to be enciphered, the IV is combined with the current block of plaintext using a binary exclusive or (XOR) operation. Then the resulting block is enciphered. The current IV is replaced with the resulting enciphered block, which is appended to the output stream.
Block-based encryption typically involves an actual amount of data to be encrypted into data sizes that are exact multiples of the cipher-block size. For example, the operating system of a computing system may encrypt data in blocks and each block has a block size, such as 512 bytes. However, the size of an encrypted file should match the size when decrypted. When a file is encrypted, the encryption may add additional data bytes to a particular block, which may change the size of the file. This may have some undesirable effects.