
@kalharbi
Last active October 14, 2024 16:20
A step-by-step CyberChef demonstration of AES encryption in ECB mode and its lack of diffusion.

ECB's lack of diffusion

The Penguin picture ECB Problem

The Penguin AES ECB problem demonstrates the weakness of the Electronic Codebook (ECB) mode of AES encryption when applied to images that have large regions of similar colors. ECB mode encrypts each block of data independently, which means identical plaintext blocks are encrypted into identical ciphertext blocks. This characteristic can reveal patterns in the encrypted data, making ECB unsuitable for encrypting images or other data with repeating patterns.

This example is a demonstration of why ECB is vulnerable to simple attacks, and how ECB can reveal plaintext patterns in ciphertext. In this example, we use AES with ECB to encrypt a bitmap image that has large regions of uniform color. Although each pixel's color is meant to be encrypted, the overall image can still be recognized, as the arrangement of identically colored pixels in the original remains visible in the encrypted output.

Steps:

  1. Go to CyberChef at https://gchq.github.io/CyberChef/.

  2. Load the Image:

  3. Convert Image to Hex:

    • Add the "To Hex" operation to convert the image to a hexadecimal string. Leave the default parameters (delimiter "Space" and Bytes per line "0").
  4. Encrypt the Image:

    • Add the "AES Encrypt" operation.
    • Set the mode to "ECB". ECB mode does not use an IV.
    • Choose the key type as "UTF8" and a key (e.g., 1234567890abcdef).
    • Set the input type to "Hex" and the output type to "Hex".
  5. Convert Encrypted Hex to Base64:

    • Add the "To Base64" operation to convert the encrypted hex string to a Base64 string.
  6. Convert Base64 to Hex:

    • Add the "From Base64" operation to convert the Base64 string back to a hex string.
  7. Decrypt the Image:

    • Add the "AES Decrypt" operation.
    • Set the mode to "ECB".
    • Use the same key as in the encryption step.
    • Set the input type to "Hex" and the output type to "Hex".
  8. Convert Decrypted Hex to Image:

    • Add the "From Hex" operation to convert the decrypted hex string back to bytes.
  9. Download the image bytes as a file: In the output pane, click on Save output to file and open the file to view the decrypted image.
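
The same experiment as an added example in Go's standard library (not part of the original gist): it encrypts a constructed 64x64 grayscale buffer, standing in for the bitmap, with the key from step 4 and labels each distinct ciphertext block with a letter. The function names `encryptECB`, `blockLabels` and `sampleImage` are chosen here, and padding is left out, so the input must be a multiple of 16 bytes.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"fmt"
)

const bs = aes.BlockSize // 16 bytes

// encryptECB encrypts each 16-byte block independently; input must be block-aligned (no padding).
func encryptECB(key, pt []byte) []byte {
	c, err := aes.NewCipher(key)
	if err != nil || len(pt)%bs != 0 {
		panic("need a valid AES key and block-aligned input")
	}
	ct := make([]byte, len(pt))
	for i := 0; i < len(pt); i += bs {
		c.Encrypt(ct[i:i+bs], pt[i:i+bs])
	}
	return ct
}

// blockLabels gives every distinct 16-byte block a letter, in order of first use.
func blockLabels(data []byte) string {
	seen := map[string]byte{}
	out := make([]byte, 0, len(data)/bs)
	for i := 0; i+bs <= len(data); i += bs {
		k := string(data[i : i+bs])
		if _, ok := seen[k]; !ok {
			seen[k] = 'A' + byte(len(seen)%26)
		}
		out = append(out, seen[k])
	}
	return string(out)
}

// sampleImage is constructed data: 64x64 8-bit pixels, white with a black square.
func sampleImage() []byte {
	img := bytes.Repeat([]byte{0xFF}, 64*64)
	for y := 16; y < 48; y++ {
		copy(img[y*64+16:y*64+48], make([]byte, 32))
	}
	return img
}

func main() { // prints the labels for image rows 15-17, four blocks per row
	fmt.Println(blockLabels(encryptECB([]byte("1234567890abcdef"), sampleImage()))[60:72])
}
```

The label string for the ciphertext is identical to the one for the plaintext: the top edge of the square appears as the switch from `AAAA` to `ABBA`, which is the same leak that keeps the image recognizable after the CyberChef recipe.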

@kalharbi
Author

complete-aes-ecb
