Re: Key-based cryptographic modes

Jeff Dege wrote:
Block ciphers are generally used using one of the various cryptographic
modes. Electronic Code Book, Cipher Block Chaining, Cipher Feedback,
Output Feedback, etc.

Everyone of these I've ever read about involved mixing the prior block or
a sequential constant with the plaintext, the ciphertext, or both.

I've not seen one that mixed the prior block with the key - so that each
block was encrypted with a different key. And I can think of no
particular reason that this would not work.

Have these been discussed in the literature? Are there any particular
reasons why they're not used? Less secure? Harder to prove secure?

Key schedule is usually much slower than encryption of a single block
(because with iterated block ciphers you have to generate round key
material of total size equal to the size of block multiplied to the
number of rounds plus one).
Mixing something to the key for every encryption of a block will
require re-running key schedule for every block... that will give you
much much slower cipher... that additionally gives a lot of extra
opportunities for adversary mounting related key attack (adversary only
needs to flip some bits and that will affect your decryption keys for
the next block).



Relevant Pages

  • Re: Why was Rijndael picked over tfish as aes?
    ... > yet another "cipher." ... > nonlinearity distributions in Mixing constructions. ... > boxes of half the bit size. ...
  • Key-based cryptographic modes
    ... Electronic Code Book, Cipher Block Chaining, Cipher Feedback, ... to be the cause of more accidents than anything else. ... Captain William Ewart Fairbairn and Captain Eric Anthony Sykes ...
  • Re: ciphertext change results..
    ... > In DES or AES if I change only one bit of ciphertext and decrypt ... It depends on the "mode of operation" of the cipher. ... plaintext will be completely scrambled, ... In "Cipher Feedback" mode, ...