ISSN: 2641-3086

Review Article
Open Access Peer-Reviewed

**Cite this as**

**Copyright License**

Block ciphers are scrutinized cryptographic primitives for secure encryption and decryption that ensures confidentiality, authenticity, and authenticated encryption [1], where particular plaintext blocks are treated as a single block and always produce ciphertext blocks with the same size [2]. In the last few years, researchers conducted a lot of research on block cipher, and it is believed that building an efficient and secure block cipher is now a big problem [3]. Currently, some block cipher algorithms developed like DES, 3DES, Blowfish, AES, RC4, RC5, and RC6 [4-7]. In particular, each block cipher algorithm allowed to prove efficiency and security against attacks like chosen plaintext attacks and chosen ciphertext attacks [8-11]. The more secure block cipher algorithm that has been incorporated into the current main worldwide standard for encryption is AES by NIST [12]. The size of AES is 128-bit block, and the key size of AES can be 128-bit, 196-bit, or 256-bit. The security of the block cipher is based on the four functions, permutation, substitution, arithmetic operation, and XOR operation when fixed with the secret key. The size of the block of AES provides sufficient security and efficiency, particularly the key size of 128-bit provides resistance to brute force attacks [13].

Block cipher algorithms are unenabled to encrypt plaintext with a size that is different from the defined size of one block as well. There are two ways to solve this issue one is the padding technique present in [14] and another way is operation modes. Block cipher operation modes may also provide security, and efficiency, strengthen the effect of the encryption algorithm as well as convert block cipher into stream cipher. To meet this requirement NIST recommends five modes of operation that apply to AES, these operation modes are Electronic Code Book (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), Counter mode (CTR) and standardized in 2001 [15]. Generally, the ECB mode encrypts the same plaintext into the same ciphertext under a given key, so in critical applications, ECB mode is practically undesirable that’s why it’s not widely used [16]. In CBC mode each block of plaintext depends on the outcome of the previous block (ciphertext) and the first plaintext block requires an initialization vector (IV) that’s XORed with the first block of plaintext. The IV must be unpredictable and need not be secret [17]. In CFB mode each input block of the encryption algorithm feeds successive ciphertext blocks of the previous block, the output XORed with the block of plaintext to produce the ciphertext block. So, error propagation can be occurred in CFB mode [18]. In OFB mode, the output of the encryption block is independently XORed with plaintext to produce ciphertext [19]. In CTR mode, each encryption block produces output independently from the set of input blocks called counter, XORed with the plaintext block provides ciphertext blocks. Each mode of operation has its own parameter that provides necessary security to the encryption algorithm. Currently, there are different types of attack on these operation modes have been developed [20,21]. So, these operations modes have their own security risk.

The development and analysis of more secure and efficient authenticated encryption modes have gained considerable attention. Research efforts have been directed toward creating algorithms that not only encrypt data but also authenticate it, thereby ensuring data integrity and confidentiality simultaneously. Authenticated encryption modes like OCB (Offset Codebook Mode) and AEAD (Authenticated Encryption with Associated Data) have been highlighted for their capability to provide high security and performance, particularly in protocols where both encryption and authentication are paramount [22]. Moreover, the advent of lightweight cryptography has been instrumental in addressing the challenges posed by the Internet of Things (IoT) and other resource-constrained environments. The design of lightweight block cipher modes aims to achieve optimal security with minimal resource utilization, ensuring the widespread applicability of cryptographic solutions across various platforms [23]. Another significant area of research has been the focus on enhancing resistance to side-channel attacks, which exploit physical implementations of cryptographic algorithms. Innovations in block cipher modes are increasingly incorporating countermeasures against such attacks, ensuring that security is maintained not only at the algorithmic level but also in practical implementations [24].

The integration of quantum-resistant cryptographic algorithms into block cipher modes represents a forward-looking approach to cryptography, anticipating the potential impact of quantum computing on current cryptographic standards. This research area is crucial for future-proofing cryptographic protocols against the capabilities of quantum computers [25]. Lastly, the ongoing efforts by standardization bodies like NIST to evaluate and recommend block cipher modes of operation underscore the global commitment to securing digital information. These efforts aim to establish a set of standardized, secure, and efficient cryptographic protocols that can be universally adopted [26].

Our research introduces a new block cipher mode of operation named DKC, designed to enhance the security measures of existing modes. DKC is predicated on generating highly unpredictable values, offering advanced cryptographic protection for sensitive information. Traditional block cipher modes rely on a singular key to encrypt sequential blocks of plaintext, whereas DKC utilizes a dual-key system to elevate the security and intricacy of encryption.

In practical application scenarios, the DKC offers enhanced security features that are particularly beneficial in environments requiring stringent data protection. For instance, DKC can be applied in secure communication channels, such as those used for governmental or military communication, where the integrity and confidentiality of the transmitted information are paramount. Additionally, DKC’s robustness against various cryptographic attacks makes it an ideal candidate for securing financial transactions in the banking sector, ensuring the safety of sensitive customer data. Furthermore, its application in cloud storage services can provide an added layer of security, protecting users’ personal and corporate data from unauthorized access and breaches.

The forthcoming sections of this paper are structured as follows: Section 2 delves into the NIST-recommended operation modes of block ciphers; Section 3 elucidates our proposed DKC mode; Section 4 presents a detailed security analysis comparing DKC against these operation modes, particularly focusing on resistance to chosen plaintext attacks; and Section 5 concludes the paper with our findings and implications of the study.

In this section, we describe existing operation modes of block cipher that are recommended by NIST. Now first we define the parameter that’s used in these operation modes, particularly in CBC mode, CFB mode, OFB mode, and CTR mode.

*P _{1}*: The 1st plaintext block to be encrypted.

*P _{i}*: The ith plaintext block to be encrypted, for i = 2 … n.

*C _{1}*: The 1st ciphertext block to be encrypted.

*C _{i}*: The ith ciphertext block to be encrypted, for i = 2 … n.

*O _{1}*: The 1st output after encryption of IV in OFB mode

*O _{i}*: The ith output after encryption of

*O _{i-1}*: The output of previous block

IV: Initialization Vector (a random number for CBC, CFB, and OFB).

*K*: key for encryption algorithm

*ctr*: The counter is an input of the encryption algorithm in CTR mode.

⊕: Add XOR

The Cipher Block Chaining (CBC) Mode

The CBC mode is a confidential mode in which a chain appears between the successive encryption/decryption blocks. The CBC mode can be formulated as follows.

${C}_{1}={E}_{k}\left({P}_{1}\oplus IV\right);\text{}(\text{Encryption})\text{(1)}$

${C}_{i}={E}_{k}\left({P}_{i}\oplus {C}_{i-1}\right)\text{for2}\le \text{i}\le \text{n}.\text{(2)}$

${P}_{1}={D}_{k}({C}_{1})\oplus \text{IV}(\text{Decryption})\text{(3)}$

${P}_{i}={D}_{k}({C}_{i})\oplus \text{}{C}_{i-1}\text{for2}\le \text{i}\le \text{n}.\text{(4)}$

In the encryption process plaintext *P _{i}* XORed with ciphertext block of the previous block

The CFB mode is a confidential mode that requires an initialization input IV and it must be unpredictable like CBC mode and need not be secret. The CFB mode can be formulated as follows.

${C}_{1}=({E}_{k}\left(IV\right)\oplus {P}_{1})\text{}(\text{Encryption})\text{(5)}$

${C}_{i}=({E}_{k}\left({C}_{i-1}\right)\oplus {P}_{i})\text{for2}\le \text{i}\le \text{n}.\text{(6)}$

${P}_{1}=({D}_{k}(IV)\oplus \text{}{C}_{1})\text{}(\text{Decryption})\text{(7)}$

${P}_{i}=({D}_{k}({C}_{i-1})\oplus \text{}{C}_{i})\text{for2}\le \text{i}\le \text{n}.\text{(8)}$

The encryption process of CFB depends on the ciphertext of the previous block *C _{i-1}* then it encrypts under a key

The OFB mode is a confidential mode that is quite similar to the CFB mode and runs a block cipher as a stream cipher. The OFB mode can be formulated as follows.

${O}_{1}={E}_{k}\left(IV\right);{C}_{1}=({O}_{1}\oplus {P}_{1})\text{}(\text{Encryption})\text{(9)}$

${O}_{i}={E}_{k}\left({O}_{i-1}\right);{C}_{i}=({O}_{i}\oplus {P}_{i})\text{for2}\le \text{i}\le \text{n}.\text{(10)}$

${O}_{1}={E}_{k}\left(IV\right);{P}_{1}=({O}_{1}\oplus {C}_{1})\text{}(\text{Decryption})\text{(11)}$

${O}_{i}={E}_{k}\left({O}_{i-1}\right);{P}_{i}=({O}_{i}\oplus {C}_{i})\text{for2}\le \text{i}\le \text{n}.\text{(12)}$

The encryption process of each plaintext block takes *O _{i-1}* as input and encrypt under key

The CTR mode is a confidential mode that uses a block cipher as its stream generator, whose input is a counter value. The value of the counter changes every time a new key stream is generated and the counters for a given message are divided into chunks of counters. The CTR mode can be formulated as follows.

${C}_{i}={E}_{k}\text{}(ct{r}_{i})\oplus {P}_{i}\text{}(\text{Encryption})\text{(13)}$

${P}_{i}={E}_{k}(ct{r}_{i})\oplus {C}_{i}\text{}(\text{Decryption})\text{(14)}$

The value of the counters is independent of the previous block output. In CTR encryption each encryption block is invoked on each counter the resulting is XORed with the corresponding block of plaintext *P _{i}* to produce a block of ciphertext

In this section, we describe how our proposed DKC structures encrypt the plaintext blocks as well as decrypt ciphertext blocks. First, we will define those functions and parameters invoked by the DKC mode. The definitions of *P _{i}*,

*k _{1}*: The block cipher encryption key, the same role as key

*k _{2}*: It is used to encrypt IV to get unpredictable output, same length as IV.

*O _{1}*: The unpredictable output from encryption of IV under

The DKC mode overcomes the parallelization of ECB mode and CTR mode as well as overcomes the chaining dependency of CBC, CFB, and OFB mode. The DKC mode takes advantage of these five operation modes that are recommended by NIST and overcomes the deficiency of these operation modes. The DKC mode improves efficiency and provides chaining dependency as well as high security. The DKC mode divided block of plaintext into the sequence of plaintext blocks: ${P}_{i}=\{{P}_{1},{P}_{2},\text{}{P}_{3},\dots ,{P}_{\text{n}}\}$ , the length of each block of plaintext $\left|{P}_{i}\right|$ is equal to the length of the encryption algorithm. The length of $\left|{P}_{i}\right|$ depend on the encryption algorithm, if the encryption algorithm is DES then the size of each block is 64-bit and if the encryption algorithm is AES then the size of each block is 128-bit [27], respectively. The DKC provides partial parallelization as well as chaining encryption because each encryption block takes output directly from the previous block before encryption. So, error propagation cannot occur.

On the other hand, existing operation modes like CBC, CFB, and OFB mode provide chaining encryption but they have some drawbacks and security deficiencies [28,29]. In these modes of operation, each block depends on the output/ciphertext of the previous block. The error propagation can occur in these modes. Moreover, the CTR mode has parallel encryption but bit-flipping attacks are easy and reusing of key as well as nonce/counter is dangerous [28-30].

In the DKC encryption process, each encryption block partially depends on the previous encryption block *O _{i-1}* then XORed with the plaintext

${O}_{1}={E}_{{k}_{2}}\left(IV\right)\text{(15)}$

${O}_{\text{i}}={O}_{1}\oplus {P}_{1}\text{for2}\le \text{i}\le \text{n(16)}$

${C}_{1}={E}_{{k}_{1}}\left({O}_{1}\oplus {P}_{1}\right)\oplus {O}_{1}\text{(17)}$

${C}_{\text{i}}={E}_{{k}_{1}}\left({O}_{\text{i}-1}\oplus {P}_{\text{i}}\right)\oplus {O}_{1}\text{for2}\le \text{i}\le \text{n(18)}$

The encryption process of DKC mode is shown in Figure 1. The general rule is that *O _{i-1}*,

Figure 1 illustrates the encryption process of the DKC. The components and flow are represented as follows:

**IV (Initialization Vector):** This is a random or pseudorandom value that is used only once per encryption session. It ensures that the encryption of the same plaintext results in different ciphertexts each time.

**Block cipher encryption with k_{2}:** The IV is encrypted using the second key

**Plaintext blocks
$\text{(}{P}_{1},{P}_{2},{P}_{3},\dots ,{P}_{n})$
:** These are the sequential plaintext blocks that need to be encrypted. Each block is of a fixed size determined by the block cipher’s design (e.g., 128 bits for AES).

**XOR operation:** Each plaintext block *P _{i}* is XORed with the output from the previous encryption step. For the first plaintext block

**Block cipher encryption with k_{1}:** After the XOR operation, the resulting value is then encrypted using the first key,

Ciphertext blocks
$\text{(}{C}_{1},{C}_{2},{C}_{3},\dots ,{C}_{n})$
: These are the resulting blocks of encrypted data. Each ciphertext block *C _{i}* is produced by the XOR operation between

**Chaining dependency:** The output of each encryption block (*O _{i-1}*) is used as an input for the encryption of the next block (

This DKC mode encryption diagram shows that the encryption process for each block partially depends on the output of the previous block, which is a design intended to mitigate error propagation while still providing the security benefits of chaining. The dual-key approach (using both *k _{1}* and

In the DKC decryption process, each encryption block depends on the output *O _{1}* then XORed with the ciphertext

${O}_{1}={D}_{{k}_{2}}\left(IV\right)\text{(19)}$

${O}_{\text{i}}={D}_{{k}_{1}}({O}_{1}\oplus {C}_{1})\text{for2}\le \text{i}\le \text{n(20)}$

${P}_{1}={D}_{{k}_{1}}\left({O}_{1}\oplus {C}_{1}\right)\oplus {O}_{1}\text{(21)}$

${P}_{\text{i}}={D}_{{k}_{1}}\left({O}_{1}\oplus {C}_{\text{i}}\right)\oplus {O}_{\text{i}-1}\text{fori}=\text{2}\dots \text{n}.\text{(22)}$

Figure 2 depicts the decryption process for the DKC, which is essentially the reverse of the encryption process. Here’s a condensed version of the DKC decryption process:

**Reversing initialization:** The IV is decrypted with *k _{1}* to produce

**Sequential decryption:** For each ciphertext block *C _{1}*, XOR it with

**Chaining effect:** The decryption of each block is dependent on the successful decryption of the previous block, mirroring the encryption chaining mechanism.

Figure 2 shows how DKC mode maintains the inter-block dependencies during decryption, ensuring that the original plaintext is reconstructed correctly from the ciphertext blocks.

The mode of operations for block cipher described above in section 2, including the CBC, CFB, OFB, and CTR, have their own security risk because the security level of these operation modes does not effectively improve. So, this section analyses the security of these existing block cipher modes of operation as well as our proposed DKC mode when each of them faces the chosen plaintext attacks.

The CBC mode is vulnerable to chosen plaintext attacks if intruders predict IV, then encryption cannot be resistant to chosen plaintext attacks. Whereas the intruder inputs large plaintext
${P}_{i}=\{{P}_{1},{P}_{2},\text{}{P}_{3},\dots ,{P}_{\text{n}}\}$
to block cipher encryption algorithm to acquire the corresponding ciphertext
${C}_{i}=\{{C}_{1},{C}_{2},\text{}{C}_{3},\dots ,{C}_{\text{n}}\}$
, after that intruder obtained IV, *P _{i}*,

In the CFB mode, *O _{i}* is only derived from IV/

The OFB mode is also vulnerable to chosen plaintext attacks. If intruders predict IV, then they can get the advantage of inputting an IV into the encryption algorithm to acquire O1 and corresponding
${O}_{i}=\{{O}_{2},\text{}{O}_{3},\dots ,{O}_{\text{n}}\}$
(the output *O _{i}* only be acquired by output

In CTR mode, the output value *O _{i}* only determined by incremental integer ctr and fixed key

The security goal for DKC is achieving indistinguishability under chosen plaintext attacks (IND-CPA), implying an adversary cannot practically distinguish ciphertexts produced by DKC from those produced by a random permutation.

**- Game 0 (real game):** An adversary interacts with a real encryption oracle of DKC, where for a chosen plaintext *P,* the oracle returns a ciphertext *C* from encrypting *P* using DKC mode.

**- Game 1 (random game):** The adversary interacts with a simulated oracle returning a random string *C* of identical length to the encryption of *P,* regardless of *P*.

An adversary *A* selects plaintexts
${P}_{1},{P}_{2},\text{}{P}_{3},\dots ,{P}_{\text{n}}$
and queries the oracle to receive corresponding ciphertexts. The advantage of *A* in distinguishing between the two games is:

$Ad{v}_{A}=|\text{}Pr[A\text{}wins\text{}Game\text{}0]\text{}-\text{}Pr[A\text{}wins\text{}Game\text{}1]\text{}|$

For DKC mode,encrypting a plaintext block *P _{i}* under keys

Assuming an adversary *A* has a non-negligible advantage ε in distinguishing Game 0 from Game 1 implies A can distinguish DKC’s encryption from a random permutation, contradicting DKC’s IND-CPA security definition. Given DKC’s structure, where *k _{1}* and

The DKC presents significant security improvements over traditional block cipher modes like ECB, CBC, CFB, OFB, and CTR. Unlike ECB, which suffers from pattern recognition vulnerabilities due to identical plaintext blocks producing identical ciphertext blocks, DKC’s dual-key mechanism and generation of unpredictable values ensure that similar patterns are not discernible in the ciphertext. This enhances its resistance to pattern analysis and chosen plaintext attacks. In contrast to CBC and CFB, which are susceptible to error propagation and chosen plaintext attacks due to their chaining dependencies, DKC minimizes these risks with its unique encryption process that avoids direct dependency on previous blocks. Furthermore, OFB’s vulnerability to IV reuse attacks is mitigated in DKC through its sophisticated IV encryption process, providing a robust defense mechanism against such exploits. Additionally, unlike CTR, which depends on the uniqueness of counters, DKC’s approach avoids potential vulnerabilities associated with counter-reuse, offering enhanced security. Overall, DKC’s advanced design principles, including the dual key strategy and unpredictable value generation, position it as a superior mode of operation, providing stronger security guarantees against a wider range of cryptographic attacks compared to traditional modes.

Our research presents the DKC mode as an innovative block cipher operation mode. We assess DKC against conventional modes across various criteria detailed in Table 1. These criteria span the type of encryption algorithm used, error propagation potential, dependency on previous encryption blocks (chain dependency), confidentiality assurance, support for parallel processing (parallelism), adaptability to plaintext of varying sizes, resilience to chosen plaintext attacks (indicating security level), and the rate at which the process can be executed (processing speed).

The DKC mode integrates a dual-key system to bolster security and reduce error propagation, a common issue in modes that rely heavily on the outcome of preceding blocks. While it maintains chain dependency, this does not impede parallel processing as much as in some other modes, striking a balance between security and efficiency. DKC’s handling of variable-sized plaintext and its defense against chosen plaintext attacks demonstrate its robustness and adaptability, potentially rendering it a superior option for secure cryptographic applications.

The DKC mode is a block cipher encryption method like AES or DES, designed for fixed-size input to generate ciphertext. DKC stands out because it can handle variable-sized plaintext; if a plaintext block exceeds the fixed size, DKC simply moves the overflow to the next block. One of the key features of DKC is that while it incorporates a chaining mechanism, it does not solely rely on the previous block’s encryption, thus preventing error propagation—a common issue in traditional chaining modes.

Unlike other modes, which often create a linear chain where each block’s encryption depends on the previous one, DKC allows for a form of partial parallelism. This characteristic improves the processing speed, making it faster than most other modes, though not as fast as CTR mode, which encrypts plaintext blocks in parallel.

In terms of security, especially regarding chosen plaintext attacks, DKC offers enhanced protection. While existing modes like CTR are susceptible to such attacks, DKC’s design, which involves encrypting each plaintext block with an unpredictable value, provides a strong defense, making it secure against chosen plaintext attacks.

Table 1 offers a comparative evaluation of various block cipher operation modes, including the novel DKC mode, across several cryptographic parameters.

**Encryption algorithm:** This criterion signifies compatibility with any encryption algorithm. All modes, including DKC, show versatility by supporting various encryption algorithms without restrictions.

**Chain dependency:** Chain dependency refers to the reliance of a block’s encryption on the previous block’s output. DKC, CBC, CFB, and OFB modes demonstrate a ‘Yes’ for chain dependency, indicating a sequential encryption process where the encryption of each block depends on the preceding one. CTR mode, however, is independent, as indicated by a ‘No,’ allowing for each block to be processed in isolation.

**Error propagation:** DKC and CTR modes excel by preventing error propagation (‘No’), meaning that an error in one ciphertext block does not affect subsequent blocks, thereby localizing any potential issues. In contrast, CBC, CFB, and OFB modes are susceptible to error propagation (‘Yes’), where a single block error can affect the decryption of subsequent blocks.

**Confidentiality:** All modes provide confidentiality (‘Yes’), ensuring that encrypted data remains inaccessible to unauthorized entities.

**Parallelism:** Only the CTR mode supports parallel processing (‘Yes’), enabling faster encryption and decryption by processing multiple blocks simultaneously. DKC, alongside CBC, CFB, and OFB, does not support this feature (‘No’), implying a sequential processing of blocks.

**CPA security:** CPA security assesses the mode’s resilience against chosen plaintext attacks. DKC asserts full security (‘Yes’), purporting robustness against such attacks. The CTR mode is ‘Partially’ secure, implying some susceptibility, whereas CBC, CFB, and OFB modes are deemed insecure (‘No’) against CPA.

**Plaintext size:** The table indicates all modes, including DKC, can manage plaintext of any size (‘Any’). This typically involves padding the plaintext to fit the block cipher’s block size requirements.

**Processing speed:** Figure 3 shows a comparison of encryption times for various modes against the proposed DKC mode over increasing block sizes. DKC’s performance is in line with conventional modes, displaying only a marginal increase in encryption time despite its enhanced security features. This suggests that DKC provides a significant security advantage, particularly against chosen plaintext attacks, without sacrificing efficiency. Its dual-key mechanism is designed to mitigate vulnerabilities inherent in single-key modes, making it a compelling choice for applications where security is paramount.

In essence, the DKC mode offers a trade-off between the highly parallelizable yet partially CPA-vulnerable CTR mode and the more traditional, sequentially dependent modes (CBC, CFB, OFB) that are prone to error propagation. DKC’s ‘Medium’ speed is justified by its significant security benefits, particularly in preventing error propagation and ensuring CPA security.

This study introduces the DKC, a novel block cipher mode of operation designed to address the security limitations of existing modes while integrating the advantages of both chaining and parallelization techniques recommended by NIST. Through our comprehensive analysis, DKC has demonstrated its superior capability to withstand chosen plaintext attacks, thereby offering a robust cryptographic solution for securing sensitive information across various applications. In comparison with traditional modes, DKC’s unique dual key mechanism and the generation of unpredictable values significantly elevate its security posture. This innovative approach ensures that DKC is not only resistant to common vulnerabilities but also excels in maintaining the confidentiality and integrity of data without compromising on efficiency.

The practical implications of DKC are profound. By effectively mitigating risks such as error propagation, chain dependency, and susceptibility to pattern recognition and chosen plaintext attacks, DKC presents a compelling case for adoption in high-security environments. Whether for securing communication channels, financial transactions, or cloud storage services, DKC offers a versatile and reliable solution that stands out in the face of evolving cryptographic challenges. Our findings affirm the potential of DKC as a leading cryptographic standard for future implementation. As the digital landscape continues to grow in complexity, the importance of innovative and secure encryption modes like DKC cannot be overstated. We encourage further research and application of DKC to explore its full capabilities and integration into global security frameworks.

- Rogaway P. Evaluation of some blockcipher modes of operation. 2011.
- Buchmann JA. Discrete Logarithms. Introduction to Cryptography: Springer. 2001; 185-204.
- Thabit F, Can O, Aljahdali AO, Al-Gaphari GH, Alkhzaimi HAJIoT. A Comprehensive Literature Survey of Cryptography Algorithms for Improving the IoT Security. 2023; 100759.
- Nadeem A, Javed MY. A performance comparison of data encryption algorithms. Information and communication technologies, 2005 ICICT 2005 First international conference on; 2005: IEEE.
- Singh G. A study of encryption algorithms (RSA, DES, 3DES, and AES) for information security. International Journal of Computer Applications. 2013; 67(19).
- Bhanot R, Hans R. Applications I. A review and comparative analysis of various encryption algorithms. International Journal of Security and Its Applications. 2015; 9(4):289-306.
- Barker E. NIST SP 800-67 Rev. 2, Recommendation for Triple Data Encryption Algorithm (TDEA) Block Cipher. 2017; 800; 67.
- Matsui M. Linear cryptanalysis method for DES cipher. Workshop on the Theory and Application of Cryptographic Techniques; 1993: Springer.
- Bleichenbacher D. Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS# 1. Annual International Cryptology Conference; 1998: Springer.
- Canetti R, Halevi S, Katz J. Chosen-ciphertext security from identity-based encryption. International Conference on the Theory and Applications of Cryptographic Techniques; 2004: Springer.
- Peng X, Zhang P, Wei H, Yu B. Known-plaintext attack on optical encryption based on double random phase keys. Opt Lett. 2006 Apr 15;31(8):1044-6. doi: 10.1364/ol.31.001044. PMID: 16625897.
- Standard A. Federal information processing standards publication. 197. 2001:46-3.
- Stallings W. Cryptography and Network Security, 4/E: Pearson Education India; 2006.
- Van Tilborg HC, Jajodia S. Encyclopedia of cryptography and security: Springer Science & Business Media; 2014.
- Dworkin M. Recommendation for block cipher modes of operation. Methods and techniques. National Inst of Standard and technology Gaithersburg MD Computer Security DIV, 2001.
- Daemen J. JhcngearRp. AES proposal. Rijndael, Document Version 2, 1999.
- Stallings W. Cryptography and network security: principles and practice: Pearson Upper Saddle River, NJ; 2017.
- Heys HM. Analysis of the statistical cipher feedback mode of block ciphers. IEEE Transactions on Computers. 2003; 52: 77-92.
- Smid ME, Branstad D. Data encryption standard: past and future. Information Technology Laboratory Computer Security Resource Center. 1988; 76(5):550-9.
- Wang D, Lin D, Wu WJINS. Related-Mode Attacks on CTR Encryption Mode. Computer Science 2007; 4(3):282-7.
- Hudde HC. Building stream ciphers from block ciphers and their security. 2009.
- Jimale MA, Z’aba MR, Kiah MLBM, Idris MYI, Jamil N, Mohamad MS. Authenticated encryption schemes: A systematic review. IEEE Access. 2022; 10:14739-66.
- Hassan A, editor Lightweight cryptography for the Internet of Things. Proceedings of the Future Technologies Conference (FTC) 2020, Volume 3; 2021: Springer.
- Bow I, Bete N, Saqib F, Che W, Patel C, Robucci R. Side-channel power resistance for encryption algorithms using implementation diversity. Cryptography. 2020; 4(2):13.
- Mashatan A, Heintzman DJQ. The complex path to quantum resistance: is your organization prepared? 2021; 19(2):65-92.
- Mammeri ZZ. Cryptography: Algorithms, Protocols, and Standards for Computer Security: John Wiley & Sons; 2024.
- Stallings W, Brown L, Bauer MD, Bhattacharjee AK. Computer security: principles and practice: Pearson Education; 2012.
- Wobst R. Adventure Cryptology: Methods, risks and benefits of data encryption: Pearson Deutschland GmbH; 2001.
- Lindell Y, Katz J. Introduction to modern cryptography: Chapman and Hall/CRC; 2014.
- De Canniere C, Biryukov A, Preneel BJPotI. An introduction to block cipher cryptanalysis. 2006; 94(2):346-56.

Subscribe to our articles alerts and stay tuned.

This work is licensed under a Creative Commons Attribution 4.0 International License.

Help ?

**PTZ:** We're glad you're here. Please click "create a new query" if you are a new visitor to our website and need further information from us.

If you are already a member of our network and need to keep track of any developments regarding a question you have already submitted, click "take me to my Query."