Block Cipher Modes

A block cipher mode, or mode, for short, is an algorithm that features the use of a symmetric key block cipher algorithm to provide an information service, such as confidentiality or authentication.

With the advent of new block ciphers, such as the Advanced Encryption Standard (AES), there is a need to update long-standing modes of operation and an opportunity to consider the development of new modes.

Currently, NIST has approved eight modes of the approved block ciphers in a series of special publications. As summarized on the Current Modes page, there are five confidentiality modes (ECB, CBC, OFB, CFB, and CTR), one authentication mode (CMAC), and two combined modes for confidentiality and authentication (CCM and GCM).

In addition, NIST announced the draft NIST Special Publication 800-38E, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Block-Oriented Storage Devices, for a period public comment ending September 17, 2009. This document, when finalized, will approve the XTS-AES mode of the AES algorithm by reference to IEEE Std 1619-2007, subject to one additional requirement. XTS-AES was designed to protect the confidentiality of data on block-oriented storage devices without providing authentication, in order to avoid expansion of the data; however, it does provide some protection against malicious manipulation of the encrypted data.

Several other modes have been submitted to NIST for consideration; the submission documents are available at the Modes Development page. NIST welcomes public input on whether to approve any of these modes. Comments may be submitted to EncryptionModes@nist.gov.