Reputation: 65005
Can I do AES-128-ECB encryption with Libsodium?
I need to encrypt a block of data using AES-128-ECB and would like to do so with libsodium and Ruby. I have prototyped a solution in Ruby using OpenSSL APIs as shown below:
aes = OpenSSL::Cipher::Cipher.new("AES-128-ECB")
aes.encrypt
aes.key = key
aes.update(data) + aes.final
This works, but I need other features from libsodium, so I would like to use it instead and get rid of my dependency on OpenSSL. Unfortunately, I don't see any APIs for ECB mode. I am also using the ruby wrapper RbNaCl, but I don't even see any way to do this using the base libsodium APIs. I do see ones for AES-128-CTR.
Is it possible to encrypt AES-128-ECB with libsodium?
Upvotes: 3
Views: 2099
Answers (1)
Reputation: 1501
libsodium intentionally doesn't support the ECB mode.
In this mode, the same block encrypted twice produces the same ciphertext twice.
A classic illustration of why this is terrible from a security perspective is the ECB penguin.
Instead of providing many primitives, modes and parameters to choose from, with many combinations actually being insecure, libsodium provides a cherry-picked set of secure constructions.
AES-ECB is not one of them, and will never be for the reasons stated above.
You really should switch to a different construction.
Upvotes: 8
Related Questions
- How to encrypt / decrypt AES with Libsodium-PHP
- Rails Encryption using AES, overcomplicated
- How to port DES ECB encryption from Python to Ruby
- Does Ruby 1.9.3 support AES-NI in the OpenSSL module?
- How to do AES-256-ECB encryption in Elixir?
- how to encrypt data with AES 256 ECB PKCS5Padding in ruby
- AES Decryption in ruby and activerecord
- Ruby OpenSSL AES-128-CTR
- Mimic AES_ENCRYPT and AES_DECRYPT functions in Ruby
- Which AES library to use in Ruby/Python?