How strong would be create a password through AES ECB encryption?

Question

Suppose that I want to use a "poor man" password management working as follows:

1. I choose and remember one single master password (for example "78HK+jm?329");

2a. for any bank, site, etc. that I need to access I build a password by encrypting with AES ECB the name of the bank, site, etc. (for example "bankmyne") using the same master password as key, then I translate the encrypted text to Base64 (or ASCII hex representation) encoding: the result will be the actual access password;

OR

2b. all like in 2a. but instead of encrypting the name of the bank, site, etc. I encrypt a progressive index (e.g. "bankone" is 001, "banktwo" is 002, etc.) annotated in a notebook.

How strong would be a similar algorithm? Is it the same as the "standard" way of encrypting all chosen passwords? Would 2b. be safer than 2a.?

Answer 1

Your scheme will be strong.

AES ECB is resistant to preimage attacks. If somebody knows the plain text (in your scheme it is the name of the bank or the name of the web site) and knows the encrypted text, it is not possible to recover your password.

See answers here:

• Finding key of AES in ECB mode
• Is it possible to guess an AES key from a series of messages encrypted with that key?

Thus, nobody will be able to recover your real password and thus will not be able to construct your password for other web sites. The only way is brute-forcing. Thus the strength of your passwords depends on the entropy of your original password. If it is a word from a dictionary or it is relatively short, then brute-forcing can be successful.

But: Consider what happens if some sites require you to change password. E.g. one site requires to change password every 3 months, other every year, and some sites may require it randomly, e.g. they have new authentication system and require all users change their passwords. Then you will have to go to every web site and change your password. Also you will need to keep information what original password you used or what "generation" it is (like is it second password reset, third password reset). As others said in comments, password manager can be much more efficient than implementing your scheme.