When is High-grade Encryption Not High Grade – ECB or CBC?

So what?

Shared Key
Shared Key

Encryption is one of the most fundamental building blocks in security, and focuses on keeping data private for those who have rights to it. Unfortunately it is one of the least understood areas within computing. The reason for this is that there is a lack of understanding on the high-level requirements for the encryption, and it is often left to the cryptography algorithm to perform the privacy.  This is worrying, as systems can be comprised by using weak password to generate an encryption key. So users can think they have a strong method of encryption, but actually it is weakened by a basic part of the process. For example if Bob selects a user password of “Bob” to generate or protect his encryption key, there’s a good chance that Eve will be able to guess this, and discover his key. So Bob thinks he is safe, as he has been sold an encryption system which is “industry strength” AES 256-bit encryption, but actually he has as much security than a basic Caeser code would give him.

How might Eve Crack my Encryption?

Replay
Replay

There are many tools in the toolbox for Eve to crack some cipher text:

  • Known plaintext attack. Where the intruder knows part of the ciphertext and the corresponding plaintext. The known ciphertext and plaintext can then be used to decrypt the rest of the ciphertext.
  • Man-in-the-middle. Where the intruder is hidden between two parties and im-personates each of them to the other.
  • Chosen-ciphertext. Where the intruder sends a message to the target, this is then encrypted with the target’s private-key and the intruder then analyses the encrypted message. For example, an intruder may send an e-mail to the encryption file server and the intruder spies on the delivered message.
  • Active attack. Where the intruder inserts or modifies messages.
  • The replay system. Where the intruder takes a legitimate message and sends it into the network at some future time.
  • Cut-and-paste. Where the intruder mixes parts of two different encrypted messages and, sometimes, is able to create a new message. This message is likely to make no sense, but may trick the receiver into doing something that helps the intruder.
  • Time resetting. Some encryption schemes use the time of the computer to create the key. Resetting this time or determining the time that the message was created can give some useful information to the intruder.
  • Time attack. This involves determining the amount of time that a user takes to decrypt the message; from this the key can be found.

And if these methods fail, she’ll just keep trying all the key possible (also known as brute-force).

Electronic Code Book

ECB/CBC
ECB/CBC

Encryption normally works by taking a number of text blocks, and then applies a key to these to produce cipher blocks. Typical block sizes are 128 or 256 bytes. Unfortunately, the cipher blocks could end up being the same, for the same input text. Thus an intruder could try and guess the cipher text. This is known as electronic code book. For example if we use Blowfish to encrypt the word “fred”, with a key of “bert”, we will always get:

YIW3dMKAVDE=

If you want to try this go to:

http://www.asecuritysite.com/Encryption/blowfish?word=fred%2Cbert

You will find that ever time you encrypt, you will get the same value. Thus the intruder could start to guess what your mapping of the plain text to cipher text was. For example he could send “Hello. Can you send me a quick answer … just yes or no?”, and look at the reply, and guess that the mapping of “yes” or “no” to the cipher text. The intruder then does not need to know the key, he can play it back to others.

Adding Salt

Adding salt
Adding salt

So how do we overcome this problem, of always ending up with the same cipher text for a given plain text? Well we add a bit of salt, to make sure that your result is always changing. For this we cipher text will change each time. This is typically applied into shared-key encryption (also known as symmetric encryption) and in hashing (also known as one-way encryption), where we try and make sure that the cipher text differs for the same plain text.

The method most often used is CBC (Cipher Block Chaining), where we start off with a random seed, known as an Initialization Vector (IV). This is then used to create the first block. Next the output from the first block is then used to chain into the next block by Exclusive-OR’ing the output of the first with the output of the second block, and so it goes on.

When does it go wrong?

CBC
CBC

We then end up with differing cipher block for a changing IV. To change the IV, we might increment it by one for every message that we send. Normally we could send it with the first message that we send, and we agree with the other side on how the IV vector will change. Unfortunately in WEP (the wireless encryption method), it had an IV which actually came round again after a certain amount of time, which meant that an intruder could actually determine the key used in the encryption, which obviously compromised the whole system. Many packages were thus created which made sure that the sender would eventually send out the same IV vector, typically be continually requesting small replies from the sender. As the IV was 24-bits long, there were 16,777,216 different vectors, which would eventually return to the original one, which resulted in the key being cracked. In WEP, the key was shared across the whole wireless network, which meant that the whole network was cracked. Luckily these days, WEP has been replaced by a session key which is unique to each host, and which times-out before it can roll-over.

Blowfish with CBC

So let’s look at applying CBC with Blowfish. Let’s start with a message of “fred”, and a key of “bert”, and use and IV of 1:

http://www.asecuritysite.com/encryption/blowfishcbc?word=fred%2Cbert%2C1

which gives: 1AC9C54C951E180E0000000000000000

Next we’ll change to an IV of 2:

http://www.asecuritysite.com/encryption/blowfishcbc?word=fred%2Cbert%2C2

which gives: D27FA68C6AC794200000000000000000

So what … in conclusion?

Encryption is one of the most important methods within privacy, and thus provides a foundation to keeping things secret. You can see in this blog that you really need to understand the methods that are being used, or you could loose that protection. In security, you are only as strong as the weakest link in the chain, so you need to know how strong your encryption methods are, without just assuming that someone else has done the diligence on this. In wireless security, WEP was actually one of the best examples of how not to do things, and should be a guiding light in making sure that you are understood how well you have protected your data, as there is now an increasing emphasis for individuals to control their own data. WEP broke all the rules of strong security … encrypted messages could be played back at some time in the future … the intruder could copy and paste messages to make valid ones … the key could be broken after a certain amount of time … and so on. So, if you’re using ECB, you are in danger!

electWith the growth of cloud based systems, much of our data is now stored in areas which can be accessed by others, in public spaces, thus users must take more control of their own. While the cryptography algorithms are complex, and highly mathematical, the basic principles around encryption are not beyond the understands of most users, so it is important for more users to be educated in the basics of encryption, at least to understand the risks involved. It’s a bit like leaving wiring your plug to an Electrician … sometime you might actually have to wire your own plug.

If you’re interested …

If you are interested in encryption, there’s some fundamentals at:

and do you want to see how WEP broke all the rules (start at 34:00):

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s