ECB

Electronic Codebook Block

In ECB mode, each block of plaintext is encrypted independently using the same key and encryption algorithm, producing a corresponding block of ciphertext.

The encryption process is deterministic, meaning that for a given key and plaintext block, the resulting ciphertext block will always be the same.

How to detect ECB mode ?

If the user can supply a plaintext that is cipher by the application, then by sending a plaintext of 3 times the block size it's possible to see if ECB is used.

As explained before, ECB encrypt each block independently. By sending multiple exact same blocks, the result will be exactly the same for each blocks.

Why sending 3 blocks instead of 2 ? It's cause possible misalignment.

+------+------+------+------+------+
| aaaa | aaaa | .... | .... | .... | plaintext
+------+------+------+------+------+
       |
       v
+------+------+------+------+------+
| xxxx | xxxx | .... | .... | .... | ciphertext
+------+------+------+------+------+

but if the data is concat with non arbitrary values we can have :

+------+------+------+------+------+
| ..aa | aaaa | aa.. | .... | .... | plaintext
+------+------+------+------+------+
          |
          V
+------+------+------+------+------+
| xyza | xxxx | hdxz | .... | .... | ciphertext
+------+------+------+------+------+

All block are differents. The workaround is to submit a 3 times block size input.

       always aligned
+------+------+------+------+------+
| ..aa | aaaa | aaaa | aa.. | .... | plaintext
+------+------+------+------+------+
              |
              V
+------+------+------+------+------+
| xyza | xxxx | xxxx | hdxz  | .... | ciphertext
+------+------+------+------+------+ 
          Duplicated blocks

PreviousMode of Operation NextBlock shuffling

Last updated 1 year ago