0

I want to encrypt a system firmware, and future firmware updates will use the same encryption system. Because this firmware isn't fully from scratch but rather is based on an existing framework, it is highly likely that parts of the original firmware code are known, in other words, that long sequences of the message to encrypt would be known to any attacker (some of which are known to be full 1 and full 0s)

Considering this, can I merely use, say, AES, that preserves the sequence of the 128 bit blocks ? Or must I use a specific encryption tailored to such a use case ? I don't know if it's still robust against an attacker that has unencrypted/crypted block pairs, and I'm having trouble finding information on that use case.

I would guess that it is, but I'd rather verify. Thanks.

Julien BERNARD
  • 101

1 Answers1

-1

Regardless of the symmetric encryption schema (3DES, AES,...), I suggest you to use an Encryption Mode that can hide data patterns. If you use CBC as encryption mode your cipher text will be randomized by using a random IV (Initialization Vector). Then you can pass the IV to the receiver in plaintext.

Giulio Gennari
  • 1