Skip to content

ECB

Electronic Code Book (ECB) Mode

Maps different input blocks to different output blocks.
Maps same input blocks to same output blocks.

Security

Not Secure
- Identical input blocks will always map to identical output blocks
- Usually easy to visualize if the data being encrypted has mutable repeating values.

Attacks

Example Username Block Crafting

  • Using 16 blocks
  • AES ECB Key=00112233445566778899AABBCCDDEEFF

When knowing the block size you can encrypt a block and reuse it in another context.

Username: Testin
|admin=0&uid=1111|&username=Testin|
|5ee0f2110fa31ea16f297f4dc4b49fd5|1f5c38c1b1863fb47fb4121789a4a5af|00657ea140655a44782747705d422fad|

Username: Testinadmin=1&uid=1234
|admin=0&uid=1234|&username=Testin|admin=1&uid=1234|
|3b6700faa03168616a8c3bb809d2cbaf|1f5c38c1b1863fb47fb4121789a4a5af|496eae13a01119a68823ab33173c3d09|00657ea140655a44782747705d422fad|

Swaping the Blocks:
|496eae13a01119a68823ab33173c3d09|1f5c38c1b1863fb47fb4121789a4a5af|496eae13a01119a68823ab33173c3d09|00657ea140655a44782747705d422fad|
|admin=1&uid=1234|&username=Testin|admin=1&uid=1234|

Other

Encryption oracle attack: Active attack that allows an attacker to specify plain-text to be encrypted and when a suffix is attached to the plain-text allows the attacker to decrypt it.

By sending a plain-text string (P) that is one byte shorter than the block size of the algorithm. The first block of ciphertext will be made up of the plain-text string. and output the ciphertext C1.

 _____________   _____________
|         |   | |             |
| P       | S0| |     S1-N    |
|_________|___| |_____________|

C1 = ECB(P || S0)

Since you know C1 you can bruteforce guess the byte S0 where P || Guess_byte. when the cipher-text is the same as C1 you have confirmation of the S0 byte. Add the S0 byte to the plain-text (P) and figure out the S1 byte. Repeat this for along as necessary.