Cipher Block Chaining (CBC)

Cipher Block Chaining (CBC) is an encryption mode where each plaintext block is XORed with the previous ciphertext block before encryption. This chains blocks together, preventing the pattern leakage found in ECB mode.

How It Works

Encryption:
C[0] = IV (Initialization Vector)
C[i] = Encrypt(P[i] XOR C[i-1], Key)

Decryption:
P[i] = Decrypt(C[i], Key) XOR C[i-1]

// First block uses IV instead of previous ciphertext

Visual Representation

         P[1]              P[2]              P[3]
          │                  │                  │
          ▼                  ▼                  ▼
IV ──► [XOR] ──► [Encrypt] ─┬─► [XOR] ──► [Encrypt] ─┬─► [XOR] ──► [Encrypt]
                            │                        │
                            ▼                        ▼
                          C[1]                     C[2]                   C[3]

Properties

• Identical plaintexts produce different ciphertexts (with different IVs)
• Requires padding for non-block-aligned data
• Sequential encryption (can't parallelize)
• Decryption can be parallelized

Vulnerabilities

• Padding Oracle Attack - if padding errors are distinguishable
• Bit Flipping Attack - modifying ciphertext affects next block
• IV must be unpredictable (random or encrypted counter)

Best Practices

• Use random IV for each encryption
• Add HMAC for integrity (Encrypt-then-MAC)
• Use constant-time padding validation
• Consider GCM instead for authenticated encryption

See Also

• Galois/Counter Mode (GCM)
• Padding Oracle Attack
• CBC Bit Flipping Attack