1

Let's say a 1MB file has many many consecutive null-bytes 128-bit blocks. Then, as AES works with blocks, the encrypted file will also have recurrent 128-bit-long patterns of aes_encrypt(000...0) (where 000...0 is a 128-bit long null block).

How isn't this a weakness?

As null-bytes blocks is very frequent in files, we could easily recognize "oh this recurrent pattern in cipher is certainly the result of the encryption of 128 null bits".

Then a lookup table:

Key                          Cipher of null 128-bits
----------------------------------------------------
Hello                        a8ff00ac..ff6b               
easypassword                 b20fa312..ae27

could help to find the key, isn't it possible?

Is the fact it "works in blocks" not a weakness?

Basj
  • 563
  • 5
  • 25

1 Answers1

2

In practice we use something called a block mode.

The traditional block mode is cipher block chaining (see image). In this block mode we XOR the ciphertext of the a block with the plaintext of the next block. The first plaintext block will be XOR'd with a public initialization vector. This way we make sure that every ciphertext is different.

Cipher block chaining

How isn't this a weakness?

It is. In your case the block mode that is used is ECB, basically applying the block cipher to each block independently. ECB is considered insecure for normal use.

Could you make a lookup table for all blocks of only zeros?

No. Because almost always keys are generated randomly, we would need to store $2^{128}$ entries in our lookup table. Our universe will never have enough disk space to store it.

dusk
  • 1,185
  • 10
  • 27