Electronic Codebook Mode
The simplest mode is the electronic codebook (ECB) mode, in
which plaintext is handled one block at a time and each block of plaintext is
encrypted using the same key (Figure
6.3). The term codebook is used because, for
a given key, there is a unique ciphertext for every b-bit block of plaintext. Therefore, we can imagine a
gigantic codebook in which there is an entry for every possible b-bit plaintext pattern showing its corresponding
ciphertext.
For a message longer than b
bits, the procedure is simply to break the message into b-bit blocks, padding the last block if necessary.
Decryption is performed one block at a time, always using the same key. In Figure 6.3, the plaintext (padded as
necessary) consists of a sequence of b-bit
blocks, P1, P2,..., PN; the corresponding sequence of ciphertext
blocks is C1, C2,..., CN.
The ECB method is ideal for a short amount of data, such as an
encryption key. Thus, if you want to transmit a DES key securely, ECB is the
appropriate mode to use.
The most significant characteristic of ECB is that the same
b-bit block of plaintext, if it appears more than
once in the message, always produces the same ciphertext.
For lengthy messages, the ECB mode may not be secure. If the
message is highly structured, it may be possible for a cryptanalyst to exploit
these regularities. For example, if it is known that the message always starts
out with certain predefined fields, then the cryptanalyst may have a number of
known plaintext-ciphertext pairs to work with. If the message has repetitive
elements, with a period of repetition a multiple of b bits, then these elements can be identified by the
analyst. This may help in the analysis or may provide an opportunity for
substituting or rearranging blocks.
No comments:
Post a Comment