-1

Imagine I want to send imaginary defcon levels to another party over the internet. I know there are good protocols for this like SSL, but let's say I only have a blackbox tool where I can input an AES key and a plaintext. The output of the box is the plaintext encrypted with the input key.

If I send my encrypted defcon level to another party (using the blackbox tool), an eavesdropper will not be able to conclude which level it is, but will see patterns in my exchanged traffic. E.g.

| Defcon level | Encrypted defcon level |
| --- | --- |
| 1 | 0x68 |
| 2 | 0x25 |
| 3 | 0xe4 |
| 4 | 0x78 |
| 5 | 0xF2 |

He will see the traffic:

@time 1: 0x68
@time 2: 0xe4
@time 3: 0x68

and conclude: "Hmm, at time 1 the defcon level is the same as at time 3".

My question now is: Does adding random rubbish to my defcon level (so my output will always be different) defeat traffic-pattern-analysis well? Does the appended random rubbish string need to have a random length? E.g. plaintext for defcon level 0 becomes "0*random rubbish*" instead of "0".

P.S. Please don't suggest answers where you change the used protocol, or make any other modifications but to the plaintext (e.g. IV/key).

user3231622

1 Answer

2

It seems to me that you could prefix the Defcon level with a 15 byte counter and then encrypt it using a single block ECB (also known as AES used as a block cipher). Decryption will give you the counter to validate and the Defcon level. For a slightly trickier to implement scheme, use a 7 byte counter and an 8 byte AES-CMAC, and encrypt that.

This does expand the ciphertext, but that cannot be really helped. With just one byte there is no way to detect fake Defcon levels. You would not want to fire nuclear missiles just because you got a Defcon red by mistake.


Note that this is a specific answer for this question taking the following requirement into account:

Please don't suggest answers where you change the used protocol, or make any other modifications but to the plaintext (e.g. IV/key)

This is also why I didn't include a random number generator. Everybody else should probably use a random or pseudo random IV and a MAC.

Maarten Bodewes
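The counter-prefixed single-block scheme from the answer above, as an added Go example (not code from the answer or its author). Assumptions: only the low 8 bytes of the 15-byte counter are used, the receiver accepts any strictly increasing counter, and the names `Sender`, `Receiver`, `NewPair`, `Seal` and `Open` are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Hypothetical types; box stands in for the single-block AES "black box".
type Sender struct{ box cipher.Block; counter uint64 }
type Receiver struct{ box cipher.Block; last uint64 }

func NewPair(key []byte) (*Sender, *Receiver, error) {
	box, err := aes.NewCipher(key)
	return &Sender{box: box}, &Receiver{box: box}, err
}

// Seal encrypts one block: counter (15 bytes, high 7 zero) || level (1 byte).
func (s *Sender) Seal(level byte) []byte {
	s.counter++
	pt, ct := make([]byte, 16), make([]byte, 16)
	binary.BigEndian.PutUint64(pt[7:15], s.counter)
	pt[15] = level
	s.box.Encrypt(ct, pt)
	return ct
}

// Open decrypts one block and validates the counter before trusting the level.
// Assumed policy: counter strictly increasing (gaps allowed), level in 1..5.
func (r *Receiver) Open(ct []byte) (byte, error) {
	if len(ct) != 16 {
		return 0, fmt.Errorf("need exactly one 16-byte block")
	}
	pt := make([]byte, 16)
	r.box.Decrypt(pt, ct)
	hi, n := binary.BigEndian.Uint64(pt[:8])>>8, binary.BigEndian.Uint64(pt[7:15])
	if hi != 0 || n <= r.last || pt[15] < 1 || pt[15] > 5 {
		return 0, fmt.Errorf("rejected: stale counter, forged block or bad level")
	}
	r.last = n
	return pt[15], nil
}

func main() {
	s, r, _ := NewPair([]byte("constructed-key!")) // constructed 16-byte demo key
	a, b := s.Seal(1), s.Seal(1)
	fmt.Printf("%x\n%x\n", a, b) // same level, two different ciphertexts
	fmt.Println(r.Open(a))       // accepted; opening a again is rejected as a replay
}
```

A modified or guessed block decrypts to an effectively random plaintext, so it passes the zero-prefix and counter checks only with negligible probability; the sender must persist its counter so that a value is never reused under the same key.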