Symmetric Encryption · Modes of Operation

Four ways the same block cipher encrypts a message

A block cipher only encrypts a single fixed-size block. To encrypt a longer message, the cipher is applied repeatedly under a chosen mode. Each mode chains blocks together differently, and those choices change parallelism, error propagation, and security guarantees. Here are the four classical modes operating on the same plaintext side by side.

Interactive lecture aidRolling Thunder Security · Cybersecurity Fundamentals

Speed

Stage 0 / 4

ECB Electronic Code Book

The simplest mode. Each plaintext block is encrypted on its own with the same key. Identical plaintext blocks always produce identical ciphertext blocks, which leaks structure and is ECB's well-known weakness.

CBC Cipher Block Chaining

Each plaintext block is XORed with the previous ciphertext block before encryption. The first block uses an initialization vector (IV). Identical plaintext blocks now produce different ciphertext, but encryption cannot be parallelized.

CFB Cipher Feedback

The cipher encrypts the previous ciphertext (or IV) and the result is XORed with plaintext to produce the next ciphertext. The block cipher itself is only ever used to encrypt, so CFB turns a block cipher into a self-synchronizing stream cipher.

OFB Output Feedback

The cipher encrypts its own previous output, generating a keystream Oᵢ that is XORed with plaintext. Unlike CFB, the keystream depends only on the key and IV, so a bit flip in ciphertext flips one bit of plaintext on decryption and never propagates.

Color Reference

Pᵢ — plaintext blocksame input across all four modes

Cᵢ — ciphertext blockfinal encrypted output

IV — initialization vectorrandom per-message starting value

E(K, ·) — block ciphersame key K used in every block

⊕ — XORbitwise, its own inverse

Oᵢ — OFB keystreamindependent of plaintext

Press Space to play or pause · R to reset · → to step