What is ECB?

Overview

ECB (short for electronic codebook) is the simplest AESAdvanced Encryption Standard block cipher mode.

In the ECB mode, the B_i block is encrypted according to the following formula:

C_i = E_K(B_i) where E_K denotes the block encryption algorithm using key K and C_i is the cipher corresponding to B_i.

Decryption using the ECB mode is equally simple with the following formula:

B_i = D_K(C_i) where D_K denotes the block decryption algorithm using key K.

Advantages and disadvantages of using ECB mode

The most obvious advantage of using the ECB mode is how simplistic it is. The other main advantage is that ECB can tolerate the loss of blocks without affecting other available blocks. This advantage is relevant in the case of blocks being sent over a network as packets. This resilience is made possible by the fact that any B_i block does not depend on any of its adjacent blocks.

Despite its advantages, ECB is looked down upon due to the fact that the encryption algorithm is entirely deterministic. In simpler terms, identical blocks will have the same ciphers under ECB mode, which may reveal patterns the blocks have; so, ECB doesn’t wholly hide its details. This is a security threat to its users.

Such patterns are evident in the image above.

ECB encryption using OpenSSL

The OpenSSL toolkit provides a set of simple commands to encrypt with AES modes. The template command for encrypting a 128-bit AES with ECB mode is:

openssl enc -aes-128-ecb -e -in inputfile.txt -out cipher.bin -K
00112233445566778889aabbccddeeff -iv 0102030405060708

In the command above, we will enter the name of the file we want to encrypt after the -in flag, and the name and format of the output file after the -out flag. The hex value of the encryption key should be provided after the -K flag and the hex value of the initialization vector should be provided after the -iv flag.