Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Generally speaking, ECB mode shouldn\'t be used. ECB seems to be more of a basic

ID: 647541 • Letter: G

Question

Generally speaking, ECB mode shouldn't be used. ECB seems to be more of a basic building block than anything else. Because I thought it would be interesting to experiment with encryption (this method isn't something I want to use in actual software for release), I came up with the following method for using ECB and want to know if it's any good:

1)Generate initialization vector -> IV.

2)SHA256 password -> key.

3)Join IV and key and run through SHA256 -> newKey.

4)Encrypt one block of plain text with newKey.

5)Run newKey through SHA256 -> newKey.

6)Goto 4 until done.

Is this any good at all? If not, what are some of the most immediate problems with this?

Explanation / Answer

What you have devised is no longer ECB.
ECB encrypts multiple blocks using the same key.
The reason we have modes of operation is so that we can encrypt multiple blocks using the same key in a way that is secure, that is identical blocks of plaintext do not encrypt to the same ciphertext block, among other properties.

What you have devised uses a different key for each block, which is derived from a master key, and requires a full invocation of SHA-256 for each block. This should be (see below) as secure as CBC mode, except that is is substantially, hilariously, slower.

The other performance issue you have is with random access. In order to get to later blocks, you need to derive the key for all prior blocks. If you want to start deriving key material before the data is available, you need to store it, lots of it, 1GB of plaintext takes 2GB of key material for AES-256.

One of the possible issues you will run into is that you need to create new key material for each block, and you need to save the key material in accessible memory in order to do that. Single key modes of operation allow the key material to be derived and stored in CPU registers, and stay out of regular system memory if the implementation and hardware supports it, which modern processors do.

So, while this may be secure from a ciphertext perspective, it will not be easy to secure from an implementation perspective. Add that to the crippling performance issues, and this has no advantages over CBC mode. Depending on plaintext and implementation, it may be less secure than ECB in practice.

Related Questions

General instructions: For questions which ask you to do something, give the comm
Question #3304087
General instructions: The job of the Main function is to call user-defined funct
Question #3574219
General instructions: You must show full/detailed calculations to receive full m
Question #228682
General journal of all transactions. ansaction Description of transaction une 1:
Question #2423558
General ledger drop down options: No journal entry, accounts payable, accounts r
Question #2556137
General management of production operations seeks to be continuous with the long
Question #2310881
General manufacturing company consists of several division, one of which is the
Question #2371825
General math) a. In Chapter 11\'s programming projects, you were asked to constr
Question #3590171
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Generally speaking without optimization, which implementation of main is fastest
Next
Generally speaking, ionization energies a. decrease as you go down a group b. in

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.