Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is it possible to use AES with an IV in ECB mode?

From http://php.net/manual/en/function.mcrypt-encrypt.php, I saw the following codes using AES with an IV in ECB mode,

<?php
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    $key = "This is a very secret key";
    $text = "Meet me at 11 o'clock behind the monument.";
    echo strlen($text) . "\n";

    $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
    echo strlen($crypttext) . "\n";
?>

But from wiki http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation, it says ECB does not need an IV. Is it really possible to use AES with an IV in ECB mode? In this ECB mode, will the additional IV provide a little bit more security comparing to when it is not used?

like image 664
bobo Avatar asked Nov 24 '09 12:11

bobo


2 Answers

There's no way to use an IV in ECB mode. This is kind of moot, however, as you should

Never Ever use ECB mode for Anything, Ever*.

In more general terms, you probably shouldn't be using crypto primitives directly, but rather using a crypto library like keyczar that abstracts away these sorts of decisions.

** Actually, there are some very specialized uses for ECB, such as 'secure' pseudorandom permutations - but you certainly shouldn't be using ECB for anything related to encrypting data.

like image 176
Nick Johnson Avatar answered Oct 06 '22 01:10

Nick Johnson


ECB doesn't perform chaining between blocks so there is no way to use IV. mcrypt uses the same APi for all modules. The IV is simply ignored for ECB because the ECB module has following function defined as,

int _has_iv() { return 0; }
like image 27
ZZ Coder Avatar answered Oct 06 '22 02:10

ZZ Coder