Block cipher modes

Today, I would like to propose a simple exercise based on AES-128, and two different block cipher modes: ECB and CBC. The idea is to prove how a secure encryption algorithm encrypts some data based on these block cipher modes. The results will show that even when encrypted, the information might not be protected as well as one would expect.

Hopefully, you will understand that just encrypting is not enough. A good encryption standard has to be implemented in a proper way if you want to achieve a decent protection.

For the sake of this post, I will not cover what block cipher modes are. Nevertheless, you may find a good explanation in the Wikipedia. In order to complete the example, I will use OpenSSL for encrypting the information. The data used in the example will be just a simple plain text.

Materials

Let’s consider the following plain texts:

Text 1:
This is my test text
Encripto256

Text 2:
This is my test test
Encripto256

As you may notice, there is a very small difference between both texts (note the last word at the first line).
Both texts will be saved in separate text files (text1.txt and text2.txt). Let’s encrypt both of them with OpenSSL, using AES-128 ECB and AES-128 CBC.

Block cipher mode: Electronic CodeBook (ECB)

This is the simplest encryption mode. In this case, the messages will be divided into blocks which are encrypted separately.
I will encrypt both files with the plain texts. This will create two new files (text1-encrypted.txt and text2-encrypted.txt).

The encryption key for both examples will be 0123456789abcdef.
Afterwards, I will display the file contents in hexadecimal with hexdump to compare the contents.

Encrypting text1.txt and text2.txt with AES-128-ECB

openssl enc -aes-128-ecb -e -in text1.txt -out text1-encrypted.txt -K 0123456789abcdef
openssl enc -aes-128-ecb -e -in text2.txt -out text2-encrypted.txt -K 0123456789abcdef

At this moment, the encrypted contents have been saved in two separate files:

text1-encrypted.txt for the first plain text (text1.txt)
text2-encrypted.txt for the second one (text2.txt)

The results of the encrypted files are shown here:

hexdump text1-encrypted.txt
0000000 dde1 8ace ec61 7dfe f444 3873 cd88 2434
0000010 2776 ae2d f3d1 3897 2074 102c 53ab 5082
0000020 e9a1 e71b f4f3 73d3 5ae3 1fbb 2101 edb4
0000030

hexdump text2-encrypted.txt
0000000 dde1 8ace ec61 7dfe f444 3873 cd88 2434
0000010 9ddf 5932 55c6 a490 c094 6384 62b4 0224
0000020 e9a1 e71b f4f3 73d3 5ae3 1fbb 2101 edb4
0000030

If we look at the encrypted content, it is possible to see that a big part of the information contained in both files was almost the same. Data patterns are not hidden very well when using ECB mode.

Block cipher mode: Cipher-Block Chaining (CBC)

This mode is more complex than the previous one. Now, each message block is dependent on all previous blocks processed up to that point.
CBC will also use an initialization vector which gives randomness and makes each message unique.

Encrypting text1.txt and text2.txt with AES-128-CBC

This case will proceed as before. However, this time I will use AES-128-CBC and an initialization vector will be provided to the OpenSSL command for each case.

openssl enc -aes-128-cbc -e -in text1.txt -out text1-encrypted.txt -K 0123456789abcdef -iv 012345
openssl enc -aes-128-cbc -e -in text2.txt -out text2-encrypted.txt -K 0123456789abcdef -iv 98765

Dumping the contents of each encrypted file will show that no patterns can be found:

hexdump text1-encrypted.txt
0000000 357a 7669 df13 09fd b325 c066 f4cf a696
0000010 9f18 afc4 6a9b 7e3b c3c8 5202 1987 4447
0000020 ff42 1fd3 a427 4d8a 6b46 5258 6740 c666
0000030

hexdump text2-encrypted.txt
0000000 ad5c 7f4f 28c9 6a10 a10d ef55 68d9 e24a
0000010 258e 2013 b1c8 bc98 cdfd fe38 c8a4 b689
0000020 58a5 c519 451e 306d 3df7 a2d7 fbd0 5426

Illustrating the example

To give an illustration of how these block cipher modes encrypt information, the Wikipedia article, which I referred previously, has a picture in its original, ECB and CBC encrypted formats.

Block cipher modes - Wikipedia

Source: Wikipedia

As you may notice, the ECB mode still reveals quite much about the information, even though it is encrypted.

Would you like to try this example with pictures as well? If you want to display the encrypted contents, remember to prepare an unencrypted header (bmp for example) in a separate file. Afterwards, concatenate it with the encrypted file content. This will allow you to see the picture after the encryption.