tnoda / simple-crypto

A Clojure library designed to perform weak string encryption, based on 128-bit AES.

ECB mode disclaimer #1

Closed chiaolun closed 10 years ago

chiaolun commented 11 years ago

Thank you for your library.

The AES mode used in this code is ECB, which is inappropriate for encoding long strings with the same key. This was a gotcha for me; I was wondering if it'd be appropriate to include a disclaimer.

See: http://stackoverflow.com/questions/1220751/how-to-choose-an-aes-encryption-mode-cbc-ecb-ctr-ocb-cfb

tnoda commented 10 years ago

Thank you for leaving a comment.

As you mentioned, ECB is weak in many cases. However, I consider that whether an encryption mode is appropriate or not depends on the case. So I state in the README file that simple-crypto is designed to perform weak encryption, and let users judge that.
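
The property behind the disclaimer request, as an added example that is not part of this thread or of simple-crypto's code: under ECB, identical 16-byte plaintext blocks encrypted with the same key produce identical ciphertext blocks, so repetition in a long string stays visible in the output. The namespace, key, plaintext, function names and the `PKCS5Padding` choice are assumptions made for illustration; AES-GCM with a random nonce is shown only as a contrast.

```clojure
(ns ecb-demo
  (:import (javax.crypto Cipher)
           (javax.crypto.spec SecretKeySpec GCMParameterSpec)
           (java.security SecureRandom)))

;; Constructed sample key and plaintext (not taken from simple-crypto).
(def key-bytes (.getBytes "0123456789abcdef" "UTF-8"))     ; 16 bytes -> AES-128
(def plaintext (apply str (repeat 4 "sixteen byte blk")))  ; four identical 16-byte blocks

(defn encrypt-ecb
  "AES-128 in ECB mode: every 16-byte block is encrypted independently."
  [^bytes k ^String s]
  (let [c (Cipher/getInstance "AES/ECB/PKCS5Padding")]
    (.init c Cipher/ENCRYPT_MODE (SecretKeySpec. k "AES"))
    (.doFinal c (.getBytes s "UTF-8"))))

(defn encrypt-gcm
  "AES-128-GCM with a fresh random 12-byte nonce, prepended to the output."
  [^bytes k ^String s]
  (let [iv (byte-array 12)
        c  (Cipher/getInstance "AES/GCM/NoPadding")]
    (.nextBytes (SecureRandom.) iv)
    (.init c Cipher/ENCRYPT_MODE (SecretKeySpec. k "AES") (GCMParameterSpec. 128 iv))
    (byte-array (concat iv (.doFinal c (.getBytes s "UTF-8"))))))

(defn repeated-blocks
  "Number of 16-byte ciphertext blocks that duplicate an earlier block.
   A trailing partial block is ignored."
  [^bytes ct]
  (let [blocks (map vec (partition 16 ct))]
    (- (count blocks) (count (distinct blocks)))))

(defn -main [& _]
  ;; Same key, same plaintext: compare how much block repetition survives encryption.
  (println "ECB repeated blocks:" (repeated-blocks (encrypt-ecb key-bytes plaintext)))
  (println "GCM repeated blocks:" (repeated-blocks (encrypt-gcm key-bytes plaintext))))
```

`repeated-blocks` can also be run over existing ciphertexts as a quick check for ECB-style leakage before deciding whether the mode fits the data being protected.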