Block Ciphers
​
According to Ferguson, Schneier, and Kohno (2010), block ciphers are one of the fundamental building blocks for cryptographic systems.
​
A block cipher is an encryption function for fixed-size blocks of data. The current generation of block ciphers has a block size of 128 bits (16 bytes). These block ciphers encrypt a 128-bit plaintext and generate a 128-bit ciphertext as the result. The block cipher is reversible; there is a decryption function that takes the 128-bit ciphertext and decrypts it to the original 128-bit plaintext. The plaintext and ciphertext are always the same size, and we call this the block size of the block cipher.
​
To encrypt with a block cipher, we need a secret key. Without a secret key, there is no way to hide the message. Like the plaintext and ciphertext, the key is also a string of bits. Common key sizes are 128 and 256 bits. (Ferguson, Schneier, & Kohno, 2010)
​
Here's a YouTube video by Ryan Kral on Block Ciphers:
https://www.youtube.com/watch?v=-Gk9kaFoBxU
​
Ferguson, Schneier, and Kohno pointed out that hundreds of block ciphers have been proposed over the years. It is very easy to design a new block cipher. It is fiendishly hard to design a good new block cipher. The difficulty lies in building a secure block cipher that is also efficient in a wide variety of different applications. Efficiency is a balance between performance and security: the more secure the cipher, the more computing power it takes, and so the more time it takes to process. They recommend that one should not use an unknown cipher in a real system. The cryptographic community doesn't trust a cipher until it has been reviewed thoroughly by other experts. (Ferguson, Schneier, & Kohno, 2010)
​
Real Block Ciphers, according to Ferguson, Schneier, and Kohno (2010):
​
Data Encryption Standard (DES) has finally outlived its usefulness. Its restricted key size of 56 bits and small block size of 64 bits make it unsuitable for today's fast computers and large amounts of data. It survives in the form of 3DES, which is a block cipher built from three DES encryptions in sequence - encrypt with DES with one 56 bit key, decrypt with a second 56 bit key, and then encrypt again either with the first key or a third 56 bit key. This solves the most immediate problem of the small key size, but there is no known fix for the small block size. DES is not a fast cipher by current standards and 3DES is one-third the speed of DES. You will still find DES in many systems, but we do not recommend using either DES or 3DES in new designs. (Ferguson, Schneier, & Kohno, 2010)
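The block-cipher properties described earlier (fixed block size, reversible only with the key) and the encrypt-decrypt-encrypt pattern of 3DES can be seen in the following added example, which is not from the book or the original page. It uses a toy 64-bit Feistel cipher built from HMAC-SHA256 as a stand-in for DES; the cipher, the function names, and the keys are all assumptions made for illustration, and the toy cipher is not secure.

```python
import hashlib
import hmac

BLOCK_BYTES = 8  # 64-bit block, the DES block size given in the text
ROUNDS = 16      # Feistel rounds in this toy cipher (DES also uses 16)


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Toy round function (assumption): HMAC-SHA256 truncated to half a block.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:len(half)]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def toy_encrypt(key: bytes, block: bytes) -> bytes:
    if len(block) != BLOCK_BYTES:
        raise ValueError("input must be exactly one block")
    left, right = block[:4], block[4:]
    for rnd in range(ROUNDS):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right


def toy_decrypt(key: bytes, block: bytes) -> bytes:
    if len(block) != BLOCK_BYTES:
        raise ValueError("input must be exactly one block")
    left, right = block[:4], block[4:]
    for rnd in reversed(range(ROUNDS)):  # undo the rounds in reverse order
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right


def ede_encrypt(k1: bytes, k2: bytes, k3: bytes, block: bytes) -> bytes:
    # The 3DES pattern from the text: encrypt, decrypt, encrypt.
    return toy_encrypt(k3, toy_decrypt(k2, toy_encrypt(k1, block)))


def ede_decrypt(k1: bytes, k2: bytes, k3: bytes, block: bytes) -> bytes:
    return toy_decrypt(k1, toy_encrypt(k2, toy_decrypt(k3, block)))


if __name__ == "__main__":
    k1, k2 = b"key-one", b"key-two"   # constructed 56-bit (7-byte) keys
    pt = b"8 bytes!"                  # constructed one-block plaintext
    ct = ede_encrypt(k1, k2, k1, pt)  # two-key variant: third key = first key
    print(ct.hex(), ede_decrypt(k1, k2, k1, ct))
    # With k1 == k2 == k3 the middle decrypt cancels the first encrypt.
    print(ede_encrypt(k1, k1, k1, pt) == toy_encrypt(k1, pt))
```

The last line prints True: when all three keys are equal, the construction reduces to a single encryption, which is why the middle step is a decryption rather than a second encryption.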
​
The Advanced Encryption Standard (AES) is the U.S. government standard created to replace DES. AES is relatively easy to use and implement. All cryptography libraries support it, and customers like it, because it is "the standard." (Ferguson, Schneier, & Kohno, 2010)
​
Instead of designing or commissioning a cipher, the U.S. National Institute of Standards and Technology (NIST) asked for proposals from the cryptographic community. A total of 15 proposals were submitted. Five ciphers were selected as finalists, after which Rijndael was selected to become AES. AES became a standard in 2001. (Ferguson, Schneier, & Kohno, 2010)
​
All of the AES finalists (Rijndael, Serpent, Twofish, RC6, and MARS), and hence AES, support keys of 128, 192, and 256 bits. For almost all applications, a 128 bit security level is enough. However, to achieve 128 bits of security, we suggest keys longer than 128 bits. (Ferguson, Schneier, & Kohno, 2010)
​
Most block cipher modes allow meet-in-the-middle attacks of some form. We've had enough of this race, so here is our recommendation: For a security level of n bits, every cryptographic value should be at least 2n bits long. For 128 bit security, we really want to use a block cipher with a block size of 256 bits.
​
Note that we advocate the use of 256 bit keys for systems with a design strength of 128 bits. In other words, these systems are designed to withstand attacks that can perform 2^128 operations in their attack. Just remember to use the design strength (128 bits), not the key length of 256 bits, for sizing the rest of the system. (Ferguson, Schneier, & Kohno, 2010)
​
​
Source:
Ferguson, N., Schneier, B., & Kohno, T. (2010). Block Ciphers. In N. Ferguson, B. Schneier, & T. Kohno, Cryptography Engineering (pp. 43-59). Indianapolis: Wiley Publishing, Inc.