## What is a Block Cipher?

A block cipher is an encryption method that applies a deterministic algorithm along with a symmetric key to encrypt a block of text, rather than encrypting one bit at a time as in stream ciphers. For example, a common block cipher, AES (Advanced Encryption Standard), encrypts 128 bit blocks with a key of predetermined length: 128, 192, or 256 bits. Block ciphers are pseudorandom permutation (PRP) families that operate on the fixed size block of bits. PRPs are functions that cannot be differentiated from completely random permutations and thus, are considered reliable, until proven unreliable.

Block cipher modes of operation have been developed to eliminate the chance of encrypting identical blocks of text the same way, the ciphertext formed from the previous encrypted block is applied to the next block. A block of bits called an initialization vector (IV) is also used by modes of operation to ensure ciphertexts remain distinct even when the same plaintext message is encrypted a number of times.

Some of the various modes of operation for block ciphers include CBC (cipher block chaining), CFB (cipher feedback), CTR (counter), and GCM (Galois/Counter Mode), among others. AES, described above, is an example of a CBC mode where an IV is crossed with the initial plaintext block and the encryption algorithm is completed with a given key, and the ciphertext is then outputted. This resultant cipher text is then used in place of the IV in subsequent plaintext blocks.

For information on the block ciphers that are implemented in wolfSSL or to learn more about the wolfSSL lightweight, embedded SSL library, visit wolfssl.com or contact us at facts@wolfssl.com.

References

[1] Pseudorandom permutation. (2014, November 23). In Wikipedia, The Free Encyclopedia.Retrieved 22:06, December 18, 2014, from http://en.wikipedia.org/w/index.php?title=Pseudorandom_permutation&oldid=635108728.

[2] Margaret Rouse. (2014). Block Cipher [Online]. Available URL: http://searchsecurity.techtarget.com/definition/block-cipher.

[3] Block cipher mode of operation. (2014, December 12). In Wikipedia, The Free Encyclopedia. Retrieved 22:17, December 18, 2014, from http://en.wikipedia.org/w/index.php?title=Block_cipher_mode_of_operation&oldid=637837298

[4] Wikimedia. (2014). Available URL: http://upload.wikimedia.org/wikipedia/commons/d/d3/Cbc_encryption.png.

## What is a Stream Cipher?

A stream cipher encrypts plaintext messages by applying an encryption algorithm with a pseudorandom cipher digit stream (keystream). Each bit of the message is encrypted one by one with the corresponding keystream digit. Stream ciphers are typically used in cases where speed and simplicity are both requirements. If a 128 bit block cipher (such as AES [Advanced Encryption Standard]) were to be used in place of a stream cipher where it was encrypting messages of 32 bit blocks, 96 bits of padding would remain. This is an inefficient approach and is one reason why a stream cipher would be preferred over a block cipher, since stream ciphers operate on the smallest possible unit.

Some common stream ciphers include Salsa20, ChaCha (a seemingly better variant of Salsa20), Rabbit, and HC-256, among others. Block ciphers can be used in stream mode to act as a stream cipher. If a block cipher is run in CFB (cipher feedback), OFB (output feedback), or CTR (counter) mode, it does not require additional measures to handle messages that aren’t equivalent to the length of multiples of the block size, and eliminates the padding effect.

References

[1] Stream cipher. (2014, November 19). In Wikipedia, The Free Encyclopedia. Retrieved 16:19, December 19, 2014, from http://en.wikipedia.org/w/index.php?title=Stream_cipher&oldid=634494612.

[2] Margaret Rouse. Stream Cipher. (2005). Available URL: http://searchsecurity.techtarget.com/definition/stream-cipher.

[3] Block cipher mode of operation. (2014, December 12). In Wikipedia, The Free Encyclopedia. Retrieved 17:13, December 19, 2014, from http://en.wikipedia.org/w/index.php?title=Block_cipher_mode_of_operation&oldid=637837298.

## strongSwan + wolfSSL + FIPS!

As some may be aware, wolfSSL added support for strongSwan in April of 2019. The upstream commit can be reviewed here: https://github.com/strongswan/strongswan/pull/133

Users can test the latest development master of wolfSSL with the latest version of strongSwan using the following setup:

wolfSSL Build and Installation Steps

```\$ git clone https://github.com/wolfSSL/wolfssl.git

\$ cd wolfssl
\$ ./autogen.sh

\$ ./configure --enable-opensslall --enable-keygen --enable-rsapss --enable-des3 --enable-dtls --enable-certgen --enable-certreq --enable-certext --enable-sessioncerts --enable-crl --enable-ocsp CFLAGS="-DWOLFSSL_DES_ECB -DWOLFSSL_LOG_PRINTF -DWOLFSSL_PUBLIC_MP -DHAVE_EX_DATA"

\$ make
\$ make check
\$ sudo make install```

strongSwan Build and Installation Steps

```# if the following packages are not already installed:
\$ sudo apt-get install flex bison byacc libsoup2.4-dev gperf

\$ git clone https://github.com/strongswan/strongswan.git
\$ cd strongswan
\$ ./autogen.sh

# if packages are missing autogen.sh must be re-run

\$ ./configure --disable-defaults --enable-pki --enable-wolfssl --enable-pem
\$ make
\$ make check
\$ sudo make install```

wolfSSL has had interest in enabling FIPS 140-2/140-3 support with strongSwan so our engineers verified everything is working with the wolfCrypt FIPS 140-2 validated Module!

The steps wolfSSL used for testing are as follows:

Testing was done using the wolfSSL commercial FIPS release v4.7.0 which internally uses the wolfCrypt v4.0.0 FIPS 140-2 validated Crypto Module. It was located in the `/home/user-name/Downloads` directory on the target test system, Linux 4.15 Ubuntu 18.04 LTS running on Intel(R) Xeon(R) CPU E3-1270 v6 @ 3.80GHz.

1. wolfSSL was configured and installed with these settings:
```./configure --enable-opensslall --enable-keygen --enable-rsapss --enable-des3 --enable-dtls --enable-certgen --enable-certreq --enable-certext --enable-sessioncerts --enable-crl --enable-ocsp CFLAGS="-DWOLFSSL_DES_ECB -DWOLFSSL_LOG_PRINTF -DWOLFSSL_PUBLIC_MP -DHAVE_EX_DATA -DFP_MAX_BITS=8192" --enable-ed25519 --enable-curve25519 --enable-fips=v2 --enable-intelasm --prefix=\$(pwd)/../fips-install-dir
make
make install```
1. A custom install location was used which equated to `/home/user-name/Downloads/fips-install-dir` and the configuration for strongSwan accounted for this.
2. strongSwan was cloned to `/home/user-name/Downloads` with “`git clone https://github.com/strongswan/strongswan.git`
3. StongSwan was configured and installed with these settings:
```./configure --disable-defaults --enable-pki --enable-wolfssl --enable-pem --prefix=\$(pwd)/../strongswan-install-dir wolfssl_CFLAGS="-I\$(pwd)/../fips-install-dir/include" wolfssl_LIBS="-L\$(pwd)/../fips-install-dir/lib -lwolfssl"
make
make install
make check```
1. In the make check stage of the test, it was observed that 1 test was failing.
``` Passed 34 of 35 'libstrongswan' suites
FAIL: libstrongswan_tests
==================
1 of 1 test failed
==================```
1. Reviewing the logs it was apparent one of the RSA tests was failing.
2. Upon further debugging it turned out the failure was a test in strongSwan that was attempting to create an RSA key size of 1536-bits.
```Running case 'generate':
DEBUG: key_sizes[_i] set to 1024
+ PASS
DEBUG: key_sizes[_i] set to 1536
- FAIL
DEBUG: key_sizes[_i] set to 2048
+ PASS
DEBUG: key_sizes[_i] set to 3072
+ PASS
DEBUG: key_sizes[_i] set to 4096
+ PASS```

wolfSSL has a function `RsaSizeCheck()` which in FIPS mode will specifically reject any non FIPS RSA key sizes so this failure was not only expected, but it is a good thing for those wanting to use strongSwan in FIPS mode and ensure only FIPS-validated RSA key sizes will be supported!

wolfSSL is pleased that with the latest release of wolfSSL v4.7.0 and the wolfCrypt FIPS 140-2 module validated on FIPS certificate 3389, strongSwan support is working splendidly and wolfSSL engineers will be making efforts to ensure continued support into the future!

If you have any questions about wolfSSL, wolfCrypt FIPS, or strongSwan and wolfSSL together please contact our support staff anytime at support@wolfssl.com or via our Zendesk portal by registering and opening a support incident at wolfssl.zendesk.com.