问题
I want to encrypt long paragraphs of text using Rijndael-256 (the text has been compressed and converted to base64 before this).
It is very unlikely for the two to be the same. But if they happen to be, would adding a random key to the start or end of the text secure it (regardless of whether they're the same), just in case users write the same text?
If I make sure that no results are 100% the same, is ECB safe if you won't get duplicate results?
Or is it like this: (using base64... not accurate, just an example)
_Hello world_ = ahjkIOn25o
_To echo "Hello world,"_ = qw90klnN2_ahjkIOn25o_kL3
_Hello world is the_ = _ahjkIOn25o_hjAB27
So if someone has a phrase hidden inside their text, it would always output the same ECB for that piece, no matter what else is in the text, or the phrase's position in the text?
回答1:
I would recommend to use something like CBC. All you will have to do is to add IV.
So if someone has a phrase hidden inside their text, it would always output the same ECB for that piece, no matter what else is in the text, or the phrase's position in the text?
Two exactly same plaintext block will become exactly same ciphertext blocks.
So, it depends on how long the hidden phrase is and how it's positioned inside of a block. Only if the whole content of the block is that same, the result will be the same.
I would say it's more applicable for two cases:
- You have a large amount of structured data (as example images or video)
- You use the same key to encrypt multiple messages (which translates to large amount of data).
Both this case may allow attacker to figure out something about your internal structures.
I recommend to take a look at this: http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 It shows what the problem with ECB.
Generally speaking, it's easier to use another mode than to
- Work around ECB weaknesses
- Worry whether you took into account all possible cases.
来源:https://stackoverflow.com/questions/12445312/is-ecb-a-safe-option-if-you-dont-expect-duplicate-results