by dehrmann 1515 days ago
To see how insecure a mode of operation can be, Wikipedia has a picture that was encrypted with ECB:

https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation...


That picture has become some sort of meme of itself (I've heard it referred to as "you can see penguins through ECB") because it's so damn popular.

However, ECB is a lot worse than "you can see data patterns"--with a chosen plaintext attack (very common scenario in networking and storage applications) any dumbass can decrypt it trivially.

Those who want to try it for themselves can check out https://cryptopals.com/sets/2/challenges/12 (and that entire set).

Oh man, I loved doing cryptopals back in the day. I should try again.

I still haven't seen a regex for ECB though!
> with a chosen plaintext attack (very common scenario in networking and storage applications) any dumbass can decrypt it trivially.

No, you can’t get the decryption key using a chosen plaintext attack with AES.

Read here: https://crypto.stackexchange.com/questions/1512/why-is-aes-r...

Parent said "decrypt", not "get the decryption key", and parent is correct. The attack looks kind of similar to a "padding oracle attack", where you work one byte at a time using a block boundary.