Which statement accurately describes ECB, CBC, and GCM modes and their security implications?

Prepare for the DSAC-11 Annex B Test with comprehensive study resources. Access flashcards and multiple-choice questions with detailed hints and explanations to ensure you're fully equipped for your exam success!

Multiple Choice

Which statement accurately describes ECB, CBC, and GCM modes and their security implications?

Explanation:
Understanding how these modes handle confidentiality and integrity helps you see why some are secure for certain uses and others are not. ECB encrypts each block independently, so identical plaintext blocks produce identical ciphertext blocks. This leaks patterns and is easily exploited, making ECB insecure for most practical data. CBC introduces an initialization vector and chains blocks by XORing the previous ciphertext with the next plaintext block before encryption, so the IV is needed to start the process and ensures different ciphertexts for the same plaintext. However, CBC by itself does not provide authentication and should be used with an additional MAC or in an authenticated encryption scheme for strong security. GCM blends a counter-mode encryption with a Galois-field-based authentication, delivering both confidentiality and a robust authentication tag to detect tampering. So the statement that ECB is insecure, CBC uses an IV and chaining, and GCM provides authentication is the accurate description. Other options misstate these properties—ECB isn’t secure for most uses, CBC isn’t inherently authenticated, and GCM does provide authentication.

Understanding how these modes handle confidentiality and integrity helps you see why some are secure for certain uses and others are not. ECB encrypts each block independently, so identical plaintext blocks produce identical ciphertext blocks. This leaks patterns and is easily exploited, making ECB insecure for most practical data. CBC introduces an initialization vector and chains blocks by XORing the previous ciphertext with the next plaintext block before encryption, so the IV is needed to start the process and ensures different ciphertexts for the same plaintext. However, CBC by itself does not provide authentication and should be used with an additional MAC or in an authenticated encryption scheme for strong security. GCM blends a counter-mode encryption with a Galois-field-based authentication, delivering both confidentiality and a robust authentication tag to detect tampering. So the statement that ECB is insecure, CBC uses an IV and chaining, and GCM provides authentication is the accurate description. Other options misstate these properties—ECB isn’t secure for most uses, CBC isn’t inherently authenticated, and GCM does provide authentication.

Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy