LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

Why is ECB (Electronic Codebook) mode insecure?

ECB encrypts each block independently with the same key, so identical plaintext blocks produce identical ciphertext blocks — this leaks patterns in the data.

ECB encrypts each block independently, so equal blocks leak

* ECB encrypts each block independently, so identical plaintext blocks leak as identical ciphertext blocks. *

The flaw is conceptual rather than a bug: by being a deterministic, stateless codebook, ECB faithfully preserves every repetition that was in the plaintext, so it fails the most basic requirement that ciphertext should look random. Everything below is a consequence of that one property.

How ECB works:

C_i = E(K, M_i)    (each block encrypted independently)

The famous penguin problem:

  • Encrypt a bitmap image with ECB → the image is still recognizable because areas of identical color produce identical ciphertext blocks
  • This is the most dramatic demonstration of why ECB fails

Problems:

  • Patterns in plaintext are preserved in ciphertext
  • Block reordering attacks: an attacker can rearrange ciphertext blocks
  • Block substitution attacks: replace one block with another from a different message

The one advantage: Parallelizable — all blocks can be encrypted simultaneously

When ECB is acceptable: Only for encrypting a single block (e.g., encrypting a single AES key). Never for multi-block data.

Tip: If someone suggests ECB for anything more than a single block, it's almost certainly wrong. The "ECB penguin" is a classic crypto meme for a reason.

Go deeper:

From Quiz: KRYPTOG / Symmetric Cryptography | Updated: Jul 14, 2026