Geek Answers Handbook

Can I use AES with IV in ECB mode?

From http://php.net/manual/en/function.mcrypt-encrypt.php I saw the following codes using AES with IV in ECB mode,

<?php $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $key = "This is a very secret key"; $text = "Meet me at 11 o'clock behind the monument."; echo strlen($text) . "\n"; $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv); echo strlen($crypttext) . "\n"; ?>

But from the wiki http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation it says that the ECB does not need an IV. Is it possible to use AES with IV in ECB mode? In this ECB mode, the additional IV will provide a little more security compared to when not in use?

+4
source share
4 answers

The ECB does not carry out the chain between blocks, so there is no way to use IV. mcrypt uses the same APi for all modules. IV is simply ignored for ECB because the ECB module has the following function defined as

 int _has_iv() { return 0; }
+10
source

Cannot use IV in ECB mode. It is kind of controversial, however, as it should

Never use ECB mode for Anything, Ever *.

In more general terms, you probably shouldn't use crypto primitives directly, but rather use a cryptographic library, such as keyczar , that contains theses of these solutions.

** Actually, there is a very specialized use for ECB, such as “safe” pseudo-random permutations, but you certainly should not use ECB for anything related to data encryption.

+17
source

First of all, you would have nowhere to place this IV. ECB works by using blocks of plaintext one after another and encrypting them with a key to create the corresponding encrypted texts. There is simply no place to use IV. This is what theory is talking about.

I do not know the details of how mcrypt_encrypt works, but I suspect that when using ECB it just does not use IV. Try this by encrypting in the ECB, providing a different IV. If the result is the same, the function simply does not use IV.

+6
source

ECB is perfectly acceptable for encryption / decryption in Counter mode (CTR): http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29

NOTE that CTR encryption is CTR encryption.

0
source

More articles:


All Articles