How is ECB secure?

cn flag

Setting aside legitimate concerns such as lack of CPA security (not to speak of malleability issues) and thus near-universal insuitability of AES-ECB for general purposes, I thought I recalled reading that there is some form of security which ECB has: specifically, when the plaintext comprises entirely uniformly random data, that it gains some form of security. However, I could not easily find this idea online.

I am not alone in this understanding (question found when searching this site for the answer to my question):

Q: …it seems that it is feasible to use [AES-ECB] for random data…

A: …Using AES in ECB mode to encrypt random data (such as symmetric key material) to keep it confidential can be secure…

so it would seem this isn't an entirely unfounded idea / a fake memory / etc.

My question is, then: what are the exact terms of this (albeit limited) security that ECB has regarding uniformly random plaintexts? Was there ever a paper giving a survey of it, for instance? (Google Scholar also tuned up nothing much relevant in my pre-research.)

kelalaka avatar
in flag
So, we are talking about uniformity, numbers, the collision, and your risks. Given uniformly generated $n$ messages with average $b$ block size, can you find when there will be a collision? 101 birthday attack. Now, what are your risks? Can you quantify that, too?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.