From http://php.net/manual/en/function.mcrypt-encrypt.php, I saw the following codes using AES with an IV in ECB mode,
<?php
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$key = "This is a very secret key";
$text = "Meet me at 11 o'clock behind the monument.";
echo strlen($text) . "\n";
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
echo strlen($crypttext) . "\n";
?>
But from wiki http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation, it says ECB does not need an IV. Is it really possible to use AES with an IV in ECB mode? In this ECB mode, will the additional IV provide a little bit more security comparing to when it is not used?
There's no way to use an IV in ECB mode. This is kind of moot, however, as you should
In more general terms, you probably shouldn't be using crypto primitives directly, but rather using a crypto library like keyczar that abstracts away these sorts of decisions.
** Actually, there are some very specialized uses for ECB, such as 'secure' pseudorandom permutations - but you certainly shouldn't be using ECB for anything related to encrypting data.
ECB doesn't perform chaining between blocks so there is no way to use IV. mcrypt uses the same APi for all modules. The IV is simply ignored for ECB because the ECB module has following function defined as,
int _has_iv() { return 0; }
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With