**Selecting the Best AES Block Cipher Mode (AES-GCM VS AES-CBC)**

**What is a block cipher?**

A block cipher is an encryption method. These clock ciphers break the message that needs to encrypt into similar size blocks. Then these plain blocks or plain text will convert as ciphertext or cipher block. The cipher will apply the same algorithm to encrypt all the blocks.

This algorithm is semantic or reversible. So it’s equipped to use the same process to encrypt the message or decrypt the message.

There are lots of block ciphers schemes among the developer community. Among them, DES and AES are two of the most famous modern block ciphers. in this article, we are mainly focusing on the AES block clipper

## About AES

The **AES** stands for **Advanced Encryption Standard**.

This project is started in 1997 by The National Institute of Standards and Technology (NIST) as an alternative for Data Encryption Standard (DES).

This symmetric/reversible key encryption block clipper is equipped to handle 128-bit blocks, using keys sized at 128, 192, and 256 bits. This block chipper is especially recognized for protecting data at rest and its widely regarded as the most secure symmetric key encryption cipher yet invented.

## AES Cipher Modes

The cipher modes are required for a usual AES implementation. An incorrect implementation or application of modes may severely compromise the AES algorithm security. There are multiple chipper modes are available in AES, Some of the highly used AES cipher modes as follows.

- ECB mode: Electronic Code Book mode
- CBC mode: Cipher Block Chaining mode
- CFB mode: Cipher Feedback mode
- OFB mode: Output FeedBack mode
- CTR mode: Counter mode
- GCM mode: Galois/Counter mode

In this article, we are mainly describing and comparing the most widely used Cipher Block Chaining mode(CBC) and the Galois/Counter mode (GCM).

## CBC mode: Cipher Block Chaining mode

In CBC the mode, every encryption of the same plaintext should result in a different ciphertext. The CBC mode does this with an initialization vector. The vector has the same size as the block that is encrypted.

**How AES-CBC works **

Initially, an XOR operation is applied to the plaintext block with the vector, After that, the encryption process will be performed with the encryption key. After the previous operation, the result of each block goes through in a xor operation of the next plaintext block.

**Problems in (CBC mode)**

One of the major problems an error of one plaintext block will affect all the following blocks. At the same time, Cipher Block Chaining mode(CBC) is vulnerable to multiple attack types.

- Chosen Plaintext Attack(CPA) — Attacks with a set of chosen plaintexts and to obtain respective ciphertext.
- Chosen Ciphertext Attack(CCA) — Attacks with a set of chosen ciphertexts to obtain respective plaintexts.
- Padding oracle attacks

**AES-GCM instead of AES-CBC**

Both the AES-CBC and AES-GCM are able to secure your valuable data with a good implementation. but to prevent complex CBC attacks such as Chosen Plaintext Attack(CPA) and Chosen Ciphertext Attack(CCA) it is necessary to use Authenticated Encryption. So the best option is for that is GCM. AES-GCM is written in parallel which means throughput is significantly higher than AES-CBC by lowering encryption overheads.

**AES-GCM**

In simple terms, Galois Counter Mode (GCM) block clipper is a combination of Counter mode (CTR) and Authentication it’s faster and more secure with a better implementation for table-driven field operations. GCM has two operations, authenticated encryption and authenticated decryption.

The GCM mode will accept pipelined and parallelized implementations and have minimal computational latency in order to be useful at high data rates. **As a conclusion**, we can choose the Galois Counter Mode (GCM) block clipper mode to achieve excellent security performance for data at rest.

## Reference

- Blazhevski, D., Божиновски, А., Stojcevska, B. and Pachovski, V., 2013.
*MODES OF OPERATION OF THE AES ALGORITHM*. [online] https://www.researchgate.net. Available at: <https://www.researchgate.net/publication/236656798_MODES_OF_OPERATION_OF_THE_AES_ALGORITHM> - McGrew, D. and Viega, J.
*The Galois/Counter Mode of Operation (GCM)*. [online] Luca-giuzzi.unibs.it. Available at: <https://luca-giuzzi.unibs.it/corsi/Support/papers-cryptography/gcm-spec.pdf> - Ahamed, N. and Wei, L., 2017.
*Advanced Encryption Standard with Galois Counter Mode using Field Programmable Gate Array.*. [online] Iopscience.iop.org. Available at: <https://iopscience.iop.org/article/10.1088/1742-6596/1019/1/012008/pdf> - Kaneesha, D., n.d.
*What’s the difference between AES-CBC and AES-GCM? — Knowledgebase / Technical / Application Settings and Features / Encryption — PIA Support Portal*. [online] Privateinternetaccess.com. Available at: <https://www.privateinternetaccess.com/helpdesk/kb/articles/what-s-the-difference-between-aes-cbc-and-aes-gcm-2> - Dworkin, M., 2021.
*Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC*. [online] https://nvlpubs.nist.go. Available at: <https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf>