NIST logo

Publication Citation: Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode (NIST SP 800-38A)

NIST Authors in Bold

Author(s): Morris J. Dworkin;
Title: Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode (NIST SP 800-38A)
Published: October 21, 2010
Abstract: A limitation to Cipher Block Chaining (CBC) mode, as specified in NIST Special Publication 800-38A, is that the plaintext input must consist of a sequence of blocks. Ciphertext stealing is a padding method in which the required padding bits are "stolen" from the penultimate ciphertext block. This addendum to SP 800-38A specifies three variants of CBC mode with ciphertext stealing. These variants, which differ only in the ordering of the ciphertext bits, can encrypt any input whose bit length is greater than or equal to the block size. Unlike conventional padding methods, these variants do not expand the length of the data.
Citation: NIST SP - 800-38
Pages: 13 pp.
Keywords: Cipher Block Chaining; CBC; Mode of Operation; Block Cipher, Ciphertext Stealing; Encryption; Information Security.
Research Areas: Cybersecurity
PDF version: PDF Document Click here to retrieve PDF version of paper (354KB)