Which DES mode of operation is best suited for database encryption?
A.
Cipher Block Chaining (CBC) mode
B.
Cycling Redundancy Checking (CRC) mode
C.
Electronic Code Book (ECB) mode
D.
Cipher Feedback (CFB) mode
Explanation:
The DES algorithm in Electronic Codebook (ECB) mode is used for DEK and MIC encryption when
symmetric key management is employed. The character string “DES-ECB” within an encapsulated
PEM header field indicates use of this algorithm/mode combination. A compliant PEM
implementation supporting symmetric key management shall support this algorithm/mode
combination. This mode of DES encryption is the best suited for database encryption because of its
low overhead. ECB Mode has some weakness, here they are: 1. ECB Mode encrypts a 64-bit block
independently of all other 64-bit blocks 2. Given the same key, identical plaintext will encrypt the
same way 3. Data compression prior to ECB can help (as with any mode) 4. Fixed block size of 64 bits
therefore incomplete block must be padded