I am looking at implementing AES128 bit encryption of a data stream. Since AES128 is a block cipher, which is inherently less robust than a stream cipher, I have considered configuring AES128 as a stream cipher in OFB mode as shown here. If I use the same IV, will it be more robust than standard ECB (block) mode?
Asked
Active
Viewed 1,519 times
1 Answers
5
OFB with an IV re-use is a different kind of completely broken than ECB.
In ECB mode, the problem is the fact that you can recognize blocks. That is if the same block appears twice you will notice that and know the underlying message-blocks were the same.
In OFB mode, the problem is the re-use of the key-stream. That is for any two ciphertexts under the same IV/key pair, you can compute the XOR of the underlying messages. Note that if you know (parts of) either message this allows you to recover (parts of) the other message.
So with ECB mode it's hard to actually infer the precise contents of the message but you can detect patterns in the ciphertext, whereas OFB hides patterns in a single ciphertexts, but leaks a lot of information with two ciphertexts.
SEJPM
- 46,697
- 9
- 103
- 214