
Commit 9c940d4

Merge pull request ossf#156 from nmav/tmp-tux
Expand the Tux ECB image example
2 parents e3eb4d4 + 3e22b8a commit 9c940d4

File tree

4 files changed

+14
-3
lines changed


images/ctr_penguin.png

21.3 MB

images/ecb_penguin.png

4.14 MB

images/penguin.png

930 KB

secure_software_development_fundamentals.md

Lines changed: 14 additions & 3 deletions
Original file line number | Diff line number | Diff line change
@@ -4651,11 +4651,22 @@ Many symmetric key algorithms, including AES, are what is called *block algorith
46514651

46524652
**Never use Electronic Code Book (ECB) mode!**
46534653

4654-
The ECB mode is basically a debug or test mode for testing cryptographic algorithms. In ECB mode, the same block of data will produce the same encryption result. This is disastrous for an encryption algorithm, because it reveals far too much about the data that is supposed to be encrypted. A great illustration of this is the so-called “ECB Penguin” image; this image is encrypted using an ECB mode. Encrypted images should appear as random noise, but because ECB mode is used, in the ECB Penguin the image of Tux the Penguin is clearly visible.
4654+
The ECB mode is basically a debug or test mode for testing cryptographic algorithms. In ECB mode, the same block of data will produce the same encryption result. This is disastrous for an encryption algorithm, because it reveals far too much about the data that is supposed to be encrypted. A great illustration of this is the so-called “ECB Penguin” image; this image is encrypted using an ECB mode. Note that in the ECB Penguin below, the image of Tux the Penguin is clearly (and disastrously) visible. An encrypted image should appear as random noise, as illustrated by the GCM Penguin below, an encrypted image that uses the Galois/Counter mode (GCM).
46554655

4656-
![The ECB Penguin: A dark encrypted image that clearly shows the Linux mascot, Tux the Penguin](images/ecb_penguin.png)
4656+
<table>
4657+
<tr>
4658+
<td>Original</td>
4659+
<td>ECB encrypted</td>
4660+
<td>GCM encrypted</td>
4661+
</tr>
4662+
<tr>
4663+
<td><img src="images/penguin.png" width="512" alt="The original Linux Penguin image"></td>
4664+
<td><img src="images/ecb_penguin.png" width="512" alt="The ECB Penguin: A dark ECB-encrypted image that clearly shows the Linux mascot, Tux the Penguin"></td>
4665+
<td><img src="images/ctr_penguin.png" width="512" alt="The GCM Penguin: An encrypted image that uses Galois/Counter mode (GCM)"></td>
4666+
</tr>
4667+
</table>
46574668

4658-
The ECB Penguin, by Filippo Valsorda, retrieved from [filippo.io](https://blog.filippo.io/the-ecb-penguin/). Licensed under [CC BY-SA 4.0 International](https://creativecommons.org/licenses/by/4.0/legalcode). This image was inspired by the original lower-resolution ECB Penguin image by Wikipedia User: Lunkwill. Source “The ECB Penguin” (2013-11-10). Based on the Tux the penguin official Linux mascot created by Larry Ewing in 1996
4669+
The ECB Penguin and GCM Penguin were generated by Nikos Mavrogiannopoulos and released under [CC BY-SA 4.0 International](https://creativecommons.org/licenses/by/4.0/legalcode). They were inspired by Filippo Valsorda's [ECB Penguin](https://blog.filippo.io/the-ecb-penguin/) and the [original lower-resolution ECB Penguin image](https://en.wikipedia.org/wiki/File:Tux_ecb.jpg) by [Wikipedia User: Lunkwill](https://en.wikipedia.org/wiki/User:Lunkwill). Source “The ECB Penguin” (2013-11-10). The original image of the Tux the Penguin (official Linux mascot) was created by Larry Ewing in 1996.
46594670

46604671
Historically the *Cipher block chaining* (CBC) mode was used, but this must be calculated sequentially, so it is slow on multi-core systems. Another problem is that many systems that use CBC are vulnerable to attacks unless they are integrity-checked first. So in general, it is best to avoid CBC mode today ([Microsoft CBC Documentation](https://docs.microsoft.com/en-us/dotnet/standard/security/vulnerabilities-cbc-mode), 2020).
46614672
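Review bot: the third image is referenced as `images/ctr_penguin.png` while its table header (`<td>GCM encrypted</td>`) and alt text call it the GCM Penguin; rename the file (for example `images/gcm_penguin.png`) or add a clause to the prose noting that GCM produces its ciphertext with a CTR-mode keystream, so a reader does not take "CTR" and "GCM" to be interchangeable names for the same thing. The attribution paragraph also carries over `Source “The ECB Penguin” (2013-11-10).` from the old text, but now that the sentence before it says Nikos Mavrogiannopoulos generated the images, that date is attached to nothing; move it next to the Filippo Valsorda link it describes or drop it. Finally, `images/ctr_penguin.png` is 21.3 MB and `images/ecb_penguin.png` 4.14 MB for images rendered at `width="512"`; downscaling them before committing would keep repository clones small.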

0 commit comments
