← Lessons

quiz vs the machine

Gold1380

Security

The Block Cipher Modes

Why a raw block cipher needs a mode of operation, and how ECB leaks while GCM protects.

5 min read · core · beat Gold to climb

The Problem

A block cipher only encrypts one fixed sized block. Real messages are longer, so a mode of operation describes how to chain blocks together safely.

The Dangerous Mode

ECB, electronic codebook, encrypts each block independently. Identical plaintext blocks become identical ciphertext blocks, so patterns in the data leak through. ECB should almost never be used.

Safer Modes

  • CBC chains each block by mixing it with the previous ciphertext, using a random initialization vector to start.
  • CTR turns the block cipher into a stream by encrypting a counter and combining it with the data.
  • GCM builds on counter mode and adds an authentication tag, giving confidentiality and integrity at once.

Choosing One

Modern systems prefer authenticated modes like GCM because they detect tampering automatically. A unique nonce per message is essential: reusing a nonce in counter based modes can catastrophically reveal data.

Key idea

A mode of operation safely extends a block cipher over long data, and authenticated modes like GCM with a unique nonce are preferred because they protect both secrecy and integrity while ECB dangerously leaks patterns.

Check yourself

Answer to earn rating on the learn ladder.

1. Why is ECB mode dangerous?

2. What does GCM add beyond confidentiality?

3. What must be unique per message in counter based modes?