Electronic Code Book (ECB)


Electronic Code Book (ECB) is a symmetric encryption scheme that replaces each block of the clear text with a block of ciphertext. It is the simplest encryption scheme. The main idea is to split the clear text into blocks of N bits (N depends on the input block size of the encryption algorithm) and then to encrypt (decrypt) each block of clear text using a single key.

Security challenge

The ECB mode is simple to implement. Blocks of data can be encrypted/decrypted in parallel because there is no dependence between blocks. If an error occurs during encryption/decryption, it stays within one block and doesn't affect the others. Limitations of the ECB encryption scheme:

  • If blocks of the clear text are identical, the corresponding blocks of ciphertext will be identical too. Conversely, if some blocks of the ciphertext are identical, the corresponding blocks of the clear text are identical too. A cryptanalyst needs to decipher only one of these blocks to learn the contents of all of them.
  • Because the blocks are independent, it is possible to replace some blocks of the ciphertext without knowing the key. An attacker can replace some of the blocks in a message with blocks intercepted from a previous message encrypted under the same key.
  • If even one bit is lost from or inserted into the ciphertext, the bits and block boundaries shift, which leads to wrong decryption of all subsequent ciphertext blocks (this can be fixed by implementing a method for controlling the boundaries of ciphertext blocks).

Theoretical issues

Mathematically, the encryption process can be described as follows:

ECB 1.PNG

where ECB 2.PNG is the clear text, $M_i$ are the blocks of clear text, N bits each, t is the total number of blocks of clear text, ECB 3.PNG are the blocks of ciphertext corresponding to the blocks of clear text $M_i$, and $E_k$ and $D_k$ are the encryption and decryption operations under the key k.

CTS (CipherText Stealing)

Figure: flowchart of the scheme in ECB CTS mode

The last block of the clear text (number t) can contain fewer than N bits. In that case it has to be padded, which isn't always possible. It is then reasonable to apply the CTS (CipherText Stealing) scheme, which allows the ECB mode to be used without adding extra bits to the clear text to make its length divisible by N.

In this technique the last two blocks of the clear text, $M_{t-1}$ and $M_t$, are encrypted separately and in a different way from the previous blocks. Let's assume that $M_{t-1}$ has N bits and $M_t$ has n bits, where n < N.

CTS 1.PNG

where $\mathrm{Head}_n$ is the function that cuts out the leftmost n bits and $\mathrm{Tail}_{N-n}$ is the function that cuts out the rightmost N-n bits.

Here are the decryption calculations:

CTS 2.PNG

With this implementation some properties of the ECB mode no longer hold exactly. A 1-bit error in the $C_{t-1}$ block leads to errors in the $M_t$ and $M_{t-1}$ blocks. An error in the $C_t$ block leads to an error in the block $M_{t-1}$.
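The ciphertext-stealing steps of this section, as an added Python example that is not part of the original article. `E` and `D` are a toy Feistel permutation built from HMAC-SHA256 that stands in for a real block cipher (an assumption, not secure), blocks are N = 16 bytes rather than bits, all function names are hypothetical, and the code follows the usual ECB-CTS construction with Head and Tail as defined above.

```python
import hashlib
import hmac

N = 16  # block size in bytes (assumed; DES would use 8)

def _f(key, i, half):
    # Feistel round function: keyed hash truncated to half a block.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:N // 2]

def _feistel(key, block, rounds):
    # Toy Feistel permutation standing in for E_k / D_k. Not a real cipher.
    left, right = block[:N // 2], block[N // 2:]
    for i in rounds:
        left, right = right, bytes(a ^ b for a, b in zip(left, _f(key, i, right)))
    return right + left  # final swap makes decryption the same walk reversed

def E(key, block):
    return _feistel(key, block, range(4))

def D(key, block):
    return _feistel(key, block, range(3, -1, -1))

def _split(data):
    # Return (leading full blocks, second-to-last block, last block, n).
    if len(data) <= N:
        raise ValueError("ciphertext stealing needs more than one block")
    n = len(data) % N or N          # bytes in the last block, 1..N
    cut = len(data) - n - N
    head = [data[i:i + N] for i in range(0, cut, N)]
    return head, data[cut:cut + N], data[cut + N:], n

def ecb_cts_encrypt(key, msg):
    head, m_prev, m_last, n = _split(msg)
    x = E(key, m_prev)                   # E_k(M_{t-1})
    c_last = x[:n]                       # Head_n: leftmost n bytes, sent last
    c_prev = E(key, m_last + x[n:])      # M_t completed with Tail_{N-n} of x
    return b"".join(E(key, b) for b in head) + c_prev + c_last

def ecb_cts_decrypt(key, ct):
    head, c_prev, c_last, n = _split(ct)
    y = D(key, c_prev)                   # M_t || Tail_{N-n}(E_k(M_{t-1}))
    m_prev = D(key, c_last + y[n:])      # reassemble E_k(M_{t-1}), decrypt
    return b"".join(D(key, b) for b in head) + m_prev + y[:n]

if __name__ == "__main__":
    key = b"constructed demo key"                   # constructed sample input
    msg = b"A" * 32 + b"constructed sample record"  # 57 bytes, last block short
    ct = ecb_cts_encrypt(key, msg)
    print(len(msg), len(ct), ecb_cts_decrypt(key, ct) == msg, ct[:16] == ct[16:32])
```

The ciphertext has exactly the length of the clear text, and the two identical leading blocks still encrypt to identical ciphertext blocks, so ciphertext stealing removes the padding but none of the ECB limitations listed earlier.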

Practical issues

Figure: flow chart of DES in ECB mode

The ECB scheme is one of the simplest encryption modes of operation. In practice it can be found in practically any implementation of symmetric block encryption (GOST 28147-89, DES, AES, etc.). However, considering all the properties of the ECB mode of operation, it isn't recommended for encrypting messages that contain more than one block or that are transported over an open (unclassified) channel.

This mode of operation is most often used for tasks where parallel processing is needed and the blocks of data need not be encrypted in any particular order (encrypting a big database).

Let's consider a more concrete application of the ECB scheme with the DES algorithm:

The initial file M, according to the ECB scheme, is split into blocks of 8 bytes (64 bits). Each of these blocks of clear text is encrypted independently using the same DES encryption key.

However, the ECB scheme is not recommended for encrypting .EXE or .DOC files. The header of such files is well defined and has an identical structure, which is an excellent "launch pad" for breaking the encryption key.
