## Understanding IND-CPA Security

Do you ever wonder how secret a secret is? I bet you cannot even imagine your group chats being leaked to the public and your friends standing before a jury as your witnesses. You would be doomed! This type of affair could make or break you in an instant. And now that almost everyone leaves online footprints, it is quite likely that we are living our lives behind glass walls. But should we really be worried about this stuff? Well, I sure am. Thus, we raise the question: what are these computer guys doing to save us from jeopardy?

For starters, there exists standardized cryptography that somewhat blurs that glass wall from the public's eyes. IND-CPA stands for "Indistinguishability under Chosen-Plaintext Attack." It's a fancy way of saying that an attacker shouldn't be able to tell the difference between encrypted messages, even if they get to choose the messages themselves. Think of it like trying to guess which door leads to a treasure chest when all the doors look exactly the same.

In exploring cryptography's role in safeguarding our digital communications, it's essential to look at the ECB mode of block cipher operation, a foundational topic for understanding security notions like IND-CPA.

## The ECB Mode of Block Cipher Operation

ECB mode is one way to use a block cipher. It is a straightforward method of encrypting messages: it divides the message into fixed-size blocks and encrypts each block individually. Each block of text gets its own encryption, so for example "Cake" might become something like "a5hR9Pz". It's like chopping up a cake into slices and frosting each slice individually.

## ECB is not IND-CPA Secure

Here's where things get tricky. Since each block is encrypted independently, identical blocks of plaintext will always produce identical blocks of ciphertext. It's like using the same secret code for every occurrence of a word, making it easy for attackers to spot patterns and gather information about the original message.

Imagine you're sending a message that says "I love cake" and "cake is yummy" using ECB mode. Since each block is encrypted separately, identical blocks of text will produce identical blocks of ciphertext.

![spiderman-mem](https://hackmd.io/_uploads/r1PRBwYpp.jpg)

It's like having a secret code where the same word always translates to the same jumble of letters. This makes ECB vulnerable to certain attacks, where patterns in the plaintext can still be seen in the ciphertext.

## Proving Electronic Codebook (ECB) is not IND-CPA secure

Out of curiosity, our group decided to test whether ECB is IND-CPA secure or not. We wrote code that uses the DES encryption algorithm in ECB mode of block operation.

```
from pyDes import des, ECB

data = "aaaaaaaaaaaaaaaaaaaaaaaa"  # the message: 24 a's
k = des("DESCRYPT", ECB)           # DES with the key "DESCRYPT" in ECB mode
d = k.encrypt(data)
print("Encrypted: %r" % d)
print("Decrypted: %r" % k.decrypt(d).decode('utf-8'))
```

![image](https://hackmd.io/_uploads/SkKiFx9pa.png)

The code above encrypts a message of 24 a's using the [DES encryption algorithm](https://www.geeksforgeeks.org/data-encryption-standard-des-set-1/) with the ECB mode of operation. As we can observe from the encrypted data, there is a repeating pattern of `\xe5\n\xc7\xac\xf3`, which is the hexadecimal representation of the ciphertext of the encrypted 8-bits of a. In simpler words, "aaaaaaaa" maps to `\xe5\n\xc7\xac\xf3`.
This proves that the ECB mode of operation is not IND-CPA secure, since an adversary can use this vulnerability of the mode to extract information about the plaintext.

## An Alternative: CBC Mode to the Rescue

CBC (Cipher Block Chaining) mode is another way to use a block cipher, and it's much more secure than ECB. Instead of encrypting each block separately, CBC mode XORs each block of plaintext with the previous block of ciphertext before encryption. It's like mixing up the ingredients of a cake before frosting each slice. This randomizes the ciphertext and makes it much harder for attackers to spot patterns.

Using the same encryption algorithm, but now with the CBC mode of operation, we obtain the encrypted data below:

```
from pyDes import des, CBC

data = "aaaaaaaaaaaaaaaaaaaaaaaa"                 # the same message: 24 a's
k = des("DESCRYPT", CBC, "\0\0\0\0\0\0\0\0")      # same key, CBC mode, all-zero IV
d = k.encrypt(data)
print("Encrypted: %r" % d)
print("Decrypted: %r" % k.decrypt(d).decode('utf-8'))
```

![image](https://hackmd.io/_uploads/Hksy0e56T.png)

In CBC, an initial value (IV) is required, which is XORed with the first n bits of data. The result is encrypted, and that ciphertext is then XORed with the next n bits of data, and so on. In this way, the resulting ciphertext will be different for every block, because each block gets its own XOR input: the IV for the first block and the previous ciphertext block after that. This introduces an element of randomness in the plaintext, which in turn helps prevent patterns in the plaintext from showing in the ciphertext.

### Summary

And there you have it, folks! Cryptography might sound like a tangled web of secret codes and algorithms, but understanding its quirks can be a real game-changer in this digital age.
So, the next time you're sending a message online, think about the layers of security protecting your words: it's like having your own digital fortress. And when the sliced cake stands out like a sore thumb, shred it to crumbs!

Stay safe out there in the digital wilderness, and may your messages remain as mysterious as a good magic trick!✨🔒

#### References:

- https://www.includehelp.com/cryptography/electronic-code-book-ecb.aspx
- https://www.geeksforgeeks.org/data-encryption-standard-des-set-1/
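
The ECB and CBC experiments above, replayed as the actual IND-CPA game (an added example, not the group's own code): the adversary picks `m0` and `m1`, the challenger encrypts one of them under a secret bit, and the adversary guesses the bit by looking for repeated ciphertext blocks. It goes one step beyond the page by also checking CBC with a fixed IV, such as the all-zero IV used above, which is deterministic and so not IND-CPA secure either; a fresh random IV per message is what makes the adversary fall back to guessing. Assumptions: `encrypt_block` is a hypothetical toy 64-bit Feistel cipher standing in for DES so the code runs with the standard library only, and all function names are made up for this example.

```python
import hashlib, secrets

BLOCK = 8  # bytes; 64-bit blocks, the same block size as DES

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_block(key, block):
    """Toy 4-round Feistel permutation standing in for DES (assumed, not secure)."""
    left, right = block[:4], block[4:]
    for i in range(4):
        f = hashlib.sha256(key + bytes([i]) + right).digest()[:4]
        left, right = right, xor(left, f)
    return left + right

def ecb_encrypt(key, msg):
    return b"".join(encrypt_block(key, msg[i:i + BLOCK]) for i in range(0, len(msg), BLOCK))

def cbc_encrypt(key, msg, iv=None):
    """CBC with a fresh random IV per message unless a fixed IV is forced."""
    prev = secrets.token_bytes(BLOCK) if iv is None else iv
    out = [prev]
    for i in range(0, len(msg), BLOCK):
        prev = encrypt_block(key, xor(msg[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def adversary_guess(ciphertext):
    """Guess b = 0 (m0 was encrypted) if any ciphertext block repeats, else b = 1."""
    blocks = [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    return 0 if len(set(blocks)) < len(blocks) else 1

def win_rate(encrypt, rounds=400):
    """Play the IND-CPA game `rounds` times; 0.5 means the adversary is only guessing."""
    m0 = b"a" * 16            # adversary's choice: two identical blocks
    m1 = b"a" * 8 + b"b" * 8  # adversary's choice: two different blocks
    wins = 0
    for _ in range(rounds):
        key, b = secrets.token_bytes(8), secrets.randbelow(2)  # b is the secret bit
        wins += adversary_guess(encrypt(key, (m0, m1)[b])) == b
    return wins / rounds

def is_deterministic(encrypt, key=b"DESCRYPT"):
    """Same message, same ciphertext: such a scheme cannot be IND-CPA secure."""
    return encrypt(key, b"a" * 16) == encrypt(key, b"a" * 16)

if __name__ == "__main__":
    zero_iv = lambda k, m: cbc_encrypt(k, m, iv=bytes(BLOCK))  # fixed IV, as on the page
    print(win_rate(ecb_encrypt), win_rate(cbc_encrypt), is_deterministic(zero_iv))
```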