What are the benefits and disadvantages of CBC vs. CTR mode? Which one is more secure?

otus
mary

2 Answers


I wrote a rather lengthy answer on another site a few days ago. Bottom-line is that CTR appears to be the "safest" choice, but that does not mean safe. The block cipher mode is only part of the overall protocol. Every mode has its quirks and requires some extra systems in order to use it properly; but in the case of CTR, the design of these extra systems is somewhat easier. For instance, when compared to OFB, there is no risk of a "short cycle" with CTR.

This is why actually usable modes like EAX and GCM internally use CTR.

Thomas Pornin

In the context of encrypting a MariaDB database, according to the documentation:

choosing-an-encryption-algorithm

There are two choices of encryption algorithm:

  1. The AES_CBC mode uses AES in Cipher Block Chaining (CBC) mode.
  2. The AES_CTR mode uses AES in two slightly different modes in different contexts. When encrypting table space pages (such as pages in InnoDB, XtraDB, and Aria tables), you use AES in Counter (CTR) mode. When encrypting temporary files (where ciphertext is allowed to be larger than plain text), use AES in Galois / Authenticated Counter (GCM) mode.

The recommended algorithm is AES_CTR, but this algorithm is only available when MariaDB is built with recent versions of OpenSSL. If the server is built with wolfSSL or yaSSL, then this algorithm is not available.

    MariaDB [(none)]> show global variables like "version_ssl_library";
    +---------------------+-----------------------------+
    | Variable_name       | Value                       |
    +---------------------+-----------------------------+
    | version_ssl_library | OpenSSL 1.1.1f  31 Mar 2020 |
    +---------------------+-----------------------------+
    MariaDB [mysql]> show global variables like "tls_version";
    +---------------+-------------------------+
    | Variable_name | Value                   |
    +---------------+-------------------------+
    | tls_version   | TLSv1.1,TLSv1.2,TLSv1.3 |
    +---------------+-------------------------+
bl3ssedc0de