🔸 1. Introduction
In the previous article, we built the “Lego bricks” of cryptography — pseudo-random generators, one-way functions, and permutations. Those components are not just academic toys; they form the internal mechanics of real encryption systems.
Now it’s time to assemble those bricks into something that actually encrypts data.
Welcome to block ciphers.
A block cipher is a deterministic algorithm that:
- takes a fixed-size block of input (e.g. 64 or 128 bits),
- mixes it with a secret key,
- and outputs another block of the same size that looks completely random.
With the same key, the process is perfectly reversible.
Without the key, the transformation should be indistinguishable from pure randomness.
Block ciphers are used everywhere:
HTTPS, VPNs, banking systems, disk encryption, password managers, secure messaging…
They are the engines behind modern symmetric cryptography.
But why do we need block ciphers in the first place?
Let’s quickly build the foundation.
🔸 2. What Are Block Ciphers, and Why Do We Need Them?
We encrypt data for two reasons:
- Confidentiality — making information unreadable to anyone without the key
- Integrity & authenticity — ensuring the data was not changed or forged
To do this efficiently, encryption algorithms operate on fixed-size blocks.
Why blocks?
- They let us design compact and analyzable algorithms
- They allow predictable performance on hardware and software
- They reduce the complexity of invertible transformations
- They provide consistency across inputs and outputs
But real data is not always aligned to 64 or 128 bits.
Emails, files, passwords, videos — all come in arbitrary lengths.
You might think: why not just use a pure stream cipher and skip blocks entirely?
Stream ciphers (like Salsa20 or ChaCha20) are excellent — fast and lightweight — but block ciphers give us two critical things that streams alone cannot guarantee:
✔ Structure for authentication modes
Block ciphers enable modern authenticated encryption schemes (AES-GCM, AES-CCM, OCB).
These protect confidentiality and detect tampering.
✔ Predictable, algebraically analyzable transformations
Block ciphers provide controlled diffusion, confusion, and round structure —
making them suitable for:
- hardware acceleration
- cryptanalysis and security proofs
- secure key wrapping
- deterministic encryption building blocks
Block ciphers are the workhorses.
Stream ciphers are the special tools.
We need both.
🔸 3. The First Big Cipher: DES
Data Encryption Standard (DES) was introduced in the 1970s as the first widely deployed modern block cipher.
It works like this:
- Block size: 64 bits
- Key: 64 bits (but only 56 effective — 8 parity bits)
- Structure: 16-round Feistel network
- Core components: permutations, S-boxes, expansion, key schedule
- Output: 64-bit ciphertext block
For almost 20 years, DES secured ATMs, bank traffic, government systems, corporate networks — basically everything.
But DES has two major problems today:
❌ 1. The key is too short
A 56-bit key can be brute-forced by modern hardware.
❌ 2. The block size is too small
64-bit blocks make certain high-volume protocols vulnerable to collisions and pattern leaks.
Because of this, DES is no longer considered secure.
However, DES has one amazing property:
It is the clearest modern example of how a block cipher is constructed from basic components.
That’s exactly why I rebuilt DES from scratch using only the original technical specification.
If you want to see that process — bit by bit — here are the resources:
🔗 Jupyter Notebook (step-by-step reconstruction):
🔗 GitHub repository (code + tests + CI/CD):
https://github.com/DmytroHuzz/build_own_block_cipher/tree/main/des
This notebook is essentially the “story mode” of DES:
you will see how every permutation, S-box, and round key is derived.
🔸 4. The Successor: AES — Modern, Fast, and Secure
After DES was broken by brute force, the cryptographic community spent years designing a successor.
The result was the Advanced Encryption Standard (AES).
AES has:
- 128-bit block size
- Key sizes: 128, 192, or 256 bits
- Structure: substitution–permutation network (not Feistel)
- Rounds: 10 / 12 / 14 depending on key size
- Massive software and hardware optimization
Why is AES used everywhere?
✔ Large block size
Prevents block collisions in realistic workloads.
✔ Strong security margin
No practical attacks exist; the design has held up under 20+ years of analysis.
✔ Hardware acceleration
AES instructions are available on nearly all CPUs (Intel, AMD, ARM).
✔ Authenticated modes
AES-GCM and AES-CCM power TLS, SSH, VPNs, and modern APIs.
If you are using HTTPS today, you are almost certainly using AES-GCM.
AES is the industry standard for symmetric encryption — strong, fast, secure.
📝 Want to see AES built from scratch too?
If you’d like a deep, step-by-step AES reconstruction (similar to the DES notebook),
let me know in the comments or send me an email.
If enough people are interested, I will rebuild it ;)
🔸 5. Modes of Operation — Making Block Ciphers Handle Real Data
There’s one important limitation of block ciphers:
They only encrypt
exactly one block
But real data is messy:
- files are large
- messages are unpredictable in length
- patterns may repeat
- attackers may modify or reorder blocks
If we simply encrypt each 64- or 128-bit block independently, we leak structural information.
(This mistake has a name: ECB mode, the “don’t do this” mode.)
So cryptographers designed modes of operation — strategies to apply a block cipher safely to multi-block data.
A mode defines how each block is processed and how blocks relate to each other.
Here are the most common ones:
| Mode | How it works | Good for | Not good for |
|---|---|---|---|
| ECB (Electronic Codebook) | Each block encrypted separately | Random data only | ❌ Leaks patterns |
| CBC (Cipher Block Chaining) | XOR each block with previous ciphertext | File encryption | Sequential only, padding needed |
| CTR (Counter) | Encrypt counter value to produce keystream, XOR with plaintext | Streaming, high performance, parallelism | Requires nonce discipline |
| GCM (Galois/Counter Mode) | CTR + built-in authentication | Network protocols (TLS), APIs | More complex, requires correct tag verification |
Why modes matter
Modes give us:
- Confidentiality — data looks random
- Randomness — even repeated plaintext → different ciphertext
- Flexibility — any-length data, streaming, random access
- Modern guarantees — integrity and authenticity with AEAD modes like GCM
Without modes, even the strongest block cipher fails to secure real-world messages.
🧪 DES With CTR Mode — Rebuilt From Scratch
In my implementation, I rebuilt DES step-by-step and wrapped it in CTR mode:
- DES produces a pseudorandom block
- Counter increments per block
- XOR with plaintext gives ciphertext
- Same process decrypts (symmetry of stream XOR)
CTR turns any block cipher into a stream cipher with nice properties:
- No padding needed
- Parallelizable
- Random-access decryption (decrypt block N without decrypting all before it)
You can try running DES-CTR live:
🔗 Colab Notebook — editable, runnable: https://colab.research.google.com/github/DmytroHuzz/build_own_block_cipher/blob/main/des/des_story.ipynb
🔗 GitHub Repo — code + CI/CD + tests
CTR isn’t the only mode worth exploring — it’s just the cleanest and easiest to start with.
📝 Want other modes reconstructed too?
If you’d like me to:
- implement CBC, CFB, OFB, GCM
- explain how they prevent pattern leaks and tampering
- demonstrate attacks when modes are misused
Please let me know in the comments, or email me directly.
I’m happy to continue the series in the direction that helps you most.
🔸 6. Summary — Where We Go From Here
Today we connected the ideas from the previous article (“the cryptography Lego bricks”) to real-world encryption:
✔ What block ciphers are, and why we need them
✔ Why stream ciphers alone are not enough
✔ How DES introduced the first practical, structured encryption engine
✔ Why DES is insecure today — but still worth rebuilding to understand the foundations
✔ Why AES became the modern global standard
✔ How modes of operation (especially CTR, CBC, GCM) make block ciphers safe for real data
✔ How I rebuilt DES from the original spec — including a working CTR mode implementation
All the resources are here:
🔗 GitHub repository (code + tests + CI/CD):
https://github.com/DmytroHuzz/build_own_block_cipher/tree/main
🔗 Step-by-step DES reconstruction notebook (Colab):
🔗 Previous Article
https://dmytrohuz.substack.com/p/building-cryptography-lego-bricks
What’s next?
There are two natural directions from here — and you get to decide where we go:
🅰️ Continue the Block Cipher Journey
- More modes (CBC / CFB / OFB / GCM)
- Example attacks when modes are misused
- AES reconstruction “from the standard”
- Performance, key schedules, design philosophy
🅱️ Move to Next Cryptography Foundations
- Message integrity
- MACs & authenticated encryption
- Why confidentiality without integrity can be dangerous
- How encryption interacts with signatures and hashing
If you’re interested in AES step-by-step like we did with DES — or want me to dive deeper into modes — just leave a comment below or email me directly.
Your preference will shape the next episode in this series.
Block ciphers are the engines of secure communication.
Now you know how they are designed, how they evolved, and how we actually use them today.
Top comments (0)