LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What is a mode of operation for a block cipher, and why must one always be specified?

A mode of operation defines how multiple blocks are chained together. A block cipher only encrypts one block (e.g. 128 bits); the mode says how to handle longer messages.

A bare block cipher answers "encrypt 16 bytes with this key" — but real messages are gigabytes. The mode chooses:

  • How to split the message into blocks.
  • How to handle the last (possibly partial) block (padding).
  • How blocks are linked so identical plaintext blocks don't always produce identical ciphertext blocks.
  • Whether you need an Initialisation Vector (IV) and what role it plays.

The same block cipher (AES, Twofish, Camellia) becomes a completely different security profile depending on the mode.

Common modes and their personalities:

Mode Confidentiality Integrity Parallelisable Notes
ECB (Electronic Code Book) ❌ (leaks patterns) Avoid — textbook bad
CBC (Cipher Block Chaining) ❌ encrypt / ✅ decrypt Padding-oracle attacks possible
CTR (Counter) Turns block cipher into stream cipher
GCM (Galois/Counter Mode) ✅ (AEAD) Modern default for TLS, SSH
CCM ✅ (AEAD) Limited Used by WPA2, ZigBee

Tip: Authenticated Encryption with Associated Data (AEAD) modes like AES-GCM and ChaCha20-Poly1305 are today's defaults — they bundle confidentiality and integrity in one primitive, eliminating an entire class of bugs (padding oracles, MAC-then-encrypt errors).

From Quiz: ISF / Symmetric Cryptography | Updated: Jul 14, 2026