Core Business Services - Security and Auditing
Encryption/decryption modes
Encryption algorithms can have different modes of operation (modes). A mode is a kind of companion algorithm that tailors the symmetric-key algorithm for different applications, such as confidentiality or authentication. Two modes for the algorithms supported by OpenEdge are:
* CBC: Cipher block chaining. CBC is a mode of operation for a block cipher in which a sequence of bits is encrypted as a single unit or block with a cipher key applied to the entire block. Cipher block chaining uses an initialization vector (IV) of a certain length. One of the key characteristics of CBC is that it uses a chaining mechanism that causes the decryption of a block of ciphertext to depend on all the preceding ciphertext blocks. As a result, the entire validity of all preceding blocks is contained in the immediately previous ciphertext block. A single bit error in a ciphertext block affects the decryption of all subsequent blocks. Rearrangement of the order of the ciphertext blocks causes decryption to become corrupted.
* ECB: Electronic Code Book. ECB is a mode of operation for a block cipher with the characteristic that each possible block of plaintext has a defined corresponding ciphertext value and vice versa. In other words, the same plaintext value will always result in the same ciphertext value. Electronic Code Book is used when a volume of plaintext is separated into several blocks of data, each of which is then encrypted independently of other blocks.
ECB is not a good mode to use with small block sizes (for example, smaller than 40 bits) and identical encryption modes. This is because some words and phrases may be reused often enough that repetitive part-blocks of ciphertext can emerge, laying the groundwork for a codebook attack where the plaintext patterns are fairly obvious. Security may be improved when random pad bits are added to each block. On the other hand, 64-bit or larger blocks should contain enough unique characteristics (entropy) to make a codebook attack unlikely to succeed.
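As an added illustration (not OpenEdge code and not part of the original documentation), the following Python sketch runs ECB and CBC over a toy 64-bit Feistel cipher to show two properties described above: ECB maps identical plaintext blocks to identical ciphertext blocks, and reordering ciphertext blocks decrypts cleanly under ECB but corrupts the plaintext under CBC. The cipher, key, IV, sample plaintext and all function names are constructed for the example; the toy cipher is a stand-in for a real algorithm and is not secure.

```python
import hashlib

BLOCK = 8  # 64-bit blocks; input length must be a multiple of this (no padding)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def _f(key, i, half):  # round function of the toy Feistel cipher (not secure)
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def encrypt_block(key, blk):
    left, right = blk[:4], blk[4:]
    for i in range(4):
        left, right = right, _xor(left, _f(key, i, right))
    return left + right

def decrypt_block(key, blk):
    left, right = blk[:4], blk[4:]
    for i in reversed(range(4)):
        left, right = _xor(right, _f(key, i, left)), left
    return left + right

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
def ecb(key, data, decrypt=False):
    op = decrypt_block if decrypt else encrypt_block
    return b"".join(op(key, b) for b in split(data))  # each block on its own

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for b in split(pt):
        prev = encrypt_block(key, _xor(b, prev))  # chain on previous ciphertext
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    cs = split(ct)
    return b"".join(_xor(decrypt_block(key, c), p) for c, p in zip(cs, [iv] + cs))

# Constructed sample values: two identical plaintext blocks, then a third
KEY, IV = bytes(range(16)), bytes.fromhex("0011223344556677")
PT = b"PAY 0100PAY 0100TO ALICE"

def reorder(ct):  # reverse the block order (swaps first and last of three)
    return b"".join(split(ct)[::-1])

if __name__ == "__main__":
    e, c = ecb(KEY, PT), cbc_encrypt(KEY, IV, PT)
    print("ECB:", [b.hex() for b in split(e)], ecb(KEY, reorder(e), True))
    print("CBC:", [b.hex() for b in split(c)], cbc_decrypt(KEY, IV, reorder(c)))
```

Run as a script, the ECB line shows two equal ciphertext blocks and a readable reordered plaintext, while the CBC line shows three distinct blocks and unreadable output after reordering.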