Quote:
Originally Posted by badguy4you
I am planing to make a server client communication and encrypt the messages using blowfish so which mode is best for the most security
ECB
CBC
CRT
Please tell me which is the best for the most security. also i plan to save the key in each the client and server (so even if the client has been decompiled and the key is leeched , it will not work cuz the server key has been changed)
|
Electronic codebook (ECB) is poor. As the stream is separated in blocks that are independently encrypted with the same key, it is a repetitive encryption. So, patterns will be easily found in the encrypted output.
Cipher-block chaining (CBC) is similar to cipher feedback (CFB), but with more flaws than CFB. CFB is not good for parallel encryption, but use a propagation mode, so, there is no pattern with time. Note that if only one bit is loss, the whole decryption will fail. It is a really sensible mode. Don't use CBC. CFB is a good mode and for an example of Blowfish using CFB mode, you can look at both my C# and C++ implementations.
Counter (CTR) is widely accepted and its weaknesses are mostly due to the cipher and not the mode. So, there is still some working attack on the mode, but it's secure.
The first image is the original one. The second one is encrypted with ECB (you can clearly see the weakness of the mode). The third one is encrypted with CBC and you can still distinguish a bit the Nux. So, CBC is also a bit weak.
Take a look to CTR or CFB. It's the best of your first ones.
