Quiz Entry - updated: 2026.05.31
How does ECB (Electronic Code Book) mode work, and what are its three serious weaknesses?
Each plaintext block is encrypted independently with the same key — there is no chaining between blocks.
Encryption: c_i = E(m_i, k) for each block, in parallel.
The weaknesses:
- Identical plaintext blocks produce identical ciphertext blocks. This famously turns the "ECB penguin" — encrypting the Linux mascot image with AES-ECB leaves the penguin clearly visible because pixel blocks repeat. Any plaintext with structure (English text, JSON, images) leaks heavily.
- Blocks can be swapped, removed, or duplicated unnoticed. An attacker who sees
c_1 c_2 c_3 c_4can rearrange toc_3 c_4 c_1 c_2and the receiver decrypts to a valid (but reordered) message. Or simply deletec_2— the rest still decrypts. - Partial encryption / decryption. Because blocks are independent, an attacker can target individual blocks. There's no integrity binding the whole message together.
Why it's still in textbooks: as the simplest mode to understand, and as the negative example. Adobe leaked 130M passwords in 2013 by storing them with 3DES in ECB mode — researchers built crossword-style attacks because identical passwords gave identical ciphertexts, instantly revealing user clusters and (via password hints) actual passwords.
Tip: Search "ECB penguin" for the most viral cryptography image of all time. If you remember nothing else, remember "don't use ECB."