Early Preview

This is currently very much a preview. Please feel free to try things out, but don't be upset if anything is not yet working. Feedback is welcome over on our GitHub Dicussions page.

enum System.Security.Cryptography.CipherMode

Assembly: System.Security.Cryptography

Specifies the block cipher mode to use for encryption.

Values

CBC

The Cipher Block Chaining ( <see langword="CBC" /> ) mode introduces feedback. Before each plain text block is encrypted, it is combined with the cipher text of the previous block by a bitwise exclusive OR operation. This ensures that even if the plain text contains many identical blocks, they will each encrypt to a different cipher text block. The initialization vector is combined with the first plain text block by a bitwise exclusive OR operation before the block is encrypted. If a single bit of the cipher text block is mangled, the corresponding plain text block will also be mangled. In addition, a bit in the subsequent block, in the same position as the original mangled bit, will be mangled.

ECB

The Electronic Codebook ( <see langword="ECB" /> ) mode encrypts each block individually. Any blocks of plain text that are identical and in the same message, or that are in a different message encrypted with the same key, will be transformed into identical cipher text blocks. Important: This mode is not recommended because it opens the door for multiple security exploits. If the plain text to be encrypted contains substantial repetition, it is feasible for the cipher text to be broken one block at a time. It is also possible to use block analysis to determine the encryption key. Also, an active adversary can substitute and exchange individual blocks without detection, which allows blocks to be saved and inserted into the stream at other points without detection.

OFB

The Output Feedback ( <see langword="OFB" /> ) mode processes small increments of plain text into cipher text instead of processing an entire block at a time. This mode is similar to <see langword="CFB" /> ; the only difference between the two modes is the way that the shift register is filled. If a bit in the cipher text is mangled, the corresponding bit of plain text will be mangled. However, if there are extra or missing bits from the cipher text, the plain text will be mangled from that point on.

CFB

The Cipher Feedback ( <see langword="CFB" /> ) mode processes small increments of plain text into cipher text, instead of processing an entire block at a time. This mode uses a shift register that is one block in length and is divided into sections. For example, if the block size is 8 bytes, with one byte processed at a time, the shift register is divided into eight sections. If a bit in the cipher text is mangled, one plain text bit is mangled and the shift register is corrupted. This results in the next several plain text increments being mangled until the bad bit is shifted out of the shift register. The default feedback size can vary by algorithm, but is typically either 8 bits or the number of bits of the block size. You can alter the number of feedback bits by using the <see cref="P:System.Security.Cryptography.SymmetricAlgorithm.FeedbackSize" /> property. Algorithms that support CFB use this property to set the feedback.

CTS

The Cipher Text Stealing ( <see langword="CTS" /> ) mode handles any length of plain text and produces cipher text whose length matches the plain text length. This mode behaves like the <see langword="CBC" /> mode for all but the last two blocks of the plain text.