A Picture (or Three) Is Worth A Thousand Words
Iang over at Financial Cryptography talks about the importance of not just which cryptographic algorithm you use, but which mode of operation you use it in. He uses three pictures from Mark Pustilnik’s paper “Documenting And Evaluating The Security Guarantees Of Your Apps” [link to http://msdn.microsoft.com/msdnmag/issues/06/11/ExtendingSDL/default.aspx no longer works] that are such a great illustration of the problem that I have to include them here.
Adam and I have both been to Tufte’s courses on Presenting Data and Information, and these strike me as the kind of illustrations he would appreciate. The beauty of them is that as a non-cryptographer, you don’t need to understand the technical differences between ECB and CBC modes, because the illustrations demonstrate them far better than any text could. ECB encrypts every block independently, so identical plaintext blocks become identical ciphertext blocks and the outline of the picture survives encryption; CBC XORs each plaintext block with the previous ciphertext block before encrypting it, so the repetition is broken up and the picture turns to noise.
[Edit: In the comments, nicko points out that this extremely clever idea was originally done with the Tux logo from Linux and that the images can be found on Wikipedia in the article on block cipher modes of operation.]
[Images: Figure 2a Plaintext; Figure 2b ECB Encryption; Figure 2c CBC Encryption]
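The same experiment in code, as an added example (this is my code, not code from the original post, from Iang, or from Pustilnik’s paper): a constructed 16-row bitmap with a filled rectangle is encrypted under ECB and under CBC, and the ciphertext is sketched one character per block. The block cipher is a Feistel network with an HMAC-SHA256 round function standing in for AES so that the script runs with only the standard library; the leak is a property of the mode, not of the cipher, and AES in ECB mode gives the same picture. The key, IV and bitmap are fixed, constructed values for reproducibility.

```python
"""ECB versus CBC on a picture-like plaintext (added example, not from the original post)."""
import hashlib
import hmac
import string
from collections import Counter

BLOCK = 16   # 128-bit blocks, the same block size as AES
ROUNDS = 4
# Constructed, fixed key and IV so the run is reproducible. A real CBC IV must be
# unpredictable and fresh for every message.
KEY = b"constructed-demo-key-not-a-secret"
IV = bytes(range(BLOCK))

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round_fn(key: bytes, i: int, half: bytes) -> bytes:
    """Keyed Feistel round function: 8 bytes of HMAC-SHA256(key, round || half)."""
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]

def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in block cipher: 4-round Feistel permutation on a 16-byte block."""
    assert len(block) == BLOCK
    left, right = block[:8], block[8:]
    for i in range(ROUNDS):
        left, right = right, _xor(left, _round_fn(key, i, right))
    return left + right

def block_decrypt(key: bytes, block: bytes) -> bytes:
    assert len(block) == BLOCK
    left, right = block[:8], block[8:]
    for i in reversed(range(ROUNDS)):
        left, right = _xor(right, _round_fn(key, i, left)), left
    return left + right

def _blocks(data: bytes):
    assert len(data) % BLOCK == 0, "input must be block-aligned (no padding in this demo)"
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key: bytes, pt: bytes) -> bytes:
    # Each block stands alone: equal plaintext blocks give equal ciphertext blocks.
    return b"".join(block_encrypt(key, b) for b in _blocks(pt))

def ecb_decrypt(key: bytes, ct: bytes) -> bytes:
    return b"".join(block_decrypt(key, b) for b in _blocks(ct))

def cbc_encrypt(key: bytes, iv: bytes, pt: bytes) -> bytes:
    # Each block is XORed with the previous ciphertext block before encryption,
    # so repeats in the plaintext do not survive into the ciphertext.
    out, prev = [], iv
    for b in _blocks(pt):
        prev = block_encrypt(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(_xor(block_decrypt(key, c), prev))
        prev = c
    return b"".join(out)

def make_bitmap(rows: int = 16, cols: int = 64) -> bytes:
    """Constructed 1-byte-per-pixel picture: a filled rectangle on a blank field."""
    return bytes(0xFF if 4 <= r < 12 and 16 <= c < 48 else 0x00
                 for r in range(rows) for c in range(cols))

def duplicate_blocks(ct: bytes, block: int = BLOCK) -> int:
    """Count ciphertext blocks that repeat an earlier one: the classic ECB tell."""
    counts = Counter(ct[i:i + block] for i in range(0, len(ct), block))
    return sum(n - 1 for n in counts.values())

def sketch(ct: bytes, blocks_per_row: int) -> list:
    """Draw the ciphertext one character per block; equal blocks get equal characters."""
    palette = ".#" + string.ascii_letters + string.digits
    seen, rows, row = {}, [], ""
    for i, b in enumerate(_blocks(ct)):
        if b not in seen:
            seen[b] = palette[len(seen)] if len(seen) < len(palette) else "?"
        row += seen[b]
        if (i + 1) % blocks_per_row == 0:
            rows.append(row)
            row = ""
    return rows

if __name__ == "__main__":
    pt = make_bitmap()
    for name, ct in (("ECB", ecb_encrypt(KEY, pt)), ("CBC", cbc_encrypt(KEY, IV, pt))):
        print(f"{name}: {duplicate_blocks(ct)} repeated blocks out of {len(ct) // BLOCK}")
        print("\n".join(sketch(ct, 64 // BLOCK)))
```

Running it prints the rectangle intact in the ECB sketch (only two distinct ciphertext blocks out of 64) and 64 distinct blocks, i.e. noise, for CBC. duplicate_blocks is the same check used to spot ECB in the wild: a repeated 16-byte block in a ciphertext is a near-certain sign of ECB, since a chained or counter mode repeats a block only by chance. CBC closes this particular leak but is not the end of the story: it still needs an unpredictable IV and an authentication tag over the ciphertext before it is safe to deploy.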
While the illustration in the paper is indeed a powerful one, it’s also an appalling example of plagiarism and Microsoft’s perpetual attempts to annex Open Source projects. The originals of these images are on Wikipedia, done with the Tux logo from Linux, and really should be acknowledged.
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation