
PHP: Most secure (decryptable) encryption method?

In PHP, which (decryptable) encryption algorithm is the most secure one?

I mean, MD5 can't be decrypted back, right?

I've found a full working class with mcrypt (then encoded with base64 again) which can encrypt and decrypt back.

Sample mcrypt (Encrypt):

function encrypt($value) {
    if(!$value){return false;}
    $text = $value;
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->key, $text, MCRYPT_MODE_ECB, $iv);
    return trim($this->safe_b64encode($crypttext));
}

Then encode again with base64:

function safe_b64encode($string) {
    $data = base64_encode($string);
    $data = str_replace(array('+','/','='),array('-','_',''),$data);
    return $data;
}

(Sorry for the code with just the encrypt, without the decrypt. I'm just giving a sample.) But I just want to know if there is another more secure algorithm than using mcrypt.


You probably want MCRYPT_RIJNDAEL_256. Rijndael with blocksizes of 128, 192 and 256 bit is a generalization of AES which only supports a blocksize of 128 bit.

See: http://us.php.net/manual/en/mcrypt.ciphers.php and http://us.php.net/manual/en/book.mcrypt.php


Just to clarify: MD and SHA algorithms are HASH algorithms: they calculate a checksum of given data so you can later verify that it hasn't been altered. Think of it like this:

Your data is 592652. You want a checksum to know this hasn't been altered, so you do something like:

5+9+2+6+5+2=29
2+9=11
1+1=2

Now, when you want to check your data, you can put it through same calculation and see if you get the same result:

2

However there is no way to take that 2 and get back your original data: 592652.

Of course the real calculations in hash algorithms are different; this example is just a demonstration of the general idea. This is not encryption.

As for encryption, the AES family of algorithms is probably the most secure these days; I'd go AES-512. As others noted, RIJNDAEL should be preferred. (AES and Rijndael are used interchangeably; they're almost the same thing: Rijndael is the name of the algorithm while AES is the name of the encryption standard that adopts Rijndael as its method.)


Base64 is not an encryption algorithm.

On PHP you can use the mcrypt extension to securely encrypt and decrypt data.

Blowfish is one of the most secure (and the default in mcrypt) algorithms supported by PHP.

See the full list of supported algorithms here.


Given that the question changed, this would be the new answer:

mcrypt is not an encryption algorithm. It's a library that provides an interface to different encryption algorithms to encrypt arbitrary data.

In a PHP context this is more or less the only decent thing you have to encrypt data.
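
The distinction drawn in the answers above (a hash cannot be reversed, base64 is not encryption, a cipher is reversible only with the key), as an added example that is not part of the original posts. It uses PHP's openssl extension with AES-256-GCM in place of mcrypt, which was removed from core PHP in 7.2; the helper names and the key are constructed for illustration.

```php
<?php
// Added example, requires PHP >= 7.1 with ext-openssl. Helper names are hypothetical.

// Digit-sum "checksum" from the answer: many inputs collapse to one output.
function digit_sum_checksum(string $digits): int {
    $n = array_sum(str_split($digits));
    return $n > 9 ? digit_sum_checksum((string) $n) : $n;
}

// URL-safe base64 as in the question's safe_b64encode(), plus its inverse.
function b64url_encode(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64url_decode(string $txt): string {
    $txt = strtr($txt, '-_', '+/');
    $pad = str_repeat('=', (4 - strlen($txt) % 4) % 4);
    return (string) base64_decode($txt . $pad, true);
}

// Authenticated encryption: token = base64url(nonce || tag || ciphertext).
function encrypt_token(string $plain, string $key): string {
    $iv = random_bytes(12); // fresh 96-bit nonce for every message
    $ct = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) { throw new RuntimeException('encryption failed'); }
    return b64url_encode($iv . $tag . $ct);
}
function decrypt_token(string $token, string $key): string {
    $raw = b64url_decode($token);
    $plain = openssl_decrypt((string) substr($raw, 28), 'aes-256-gcm', $key,
        OPENSSL_RAW_DATA, (string) substr($raw, 0, 12), (string) substr($raw, 12, 16));
    if ($plain === false) { throw new RuntimeException('wrong key or modified token'); }
    return $plain;
}

$key = random_bytes(32); // constructed 256-bit key
$msg = '592652';         // sample data from the answer

// Hash: two different inputs share a checksum, so there is nothing to "decrypt".
var_dump(digit_sum_checksum($msg) === digit_sum_checksum('200000'));
var_dump(strlen(hash('sha256', $msg))); // digest length is fixed regardless of input
// Encoding: anyone can reverse it, no key involved.
var_dump(b64url_decode(b64url_encode($msg)) === $msg);
// Encryption: round-trips with the right key, is rejected with any other key.
$token = encrypt_token($msg, $key);
var_dump(decrypt_token($token, $key) === $msg);
try {
    decrypt_token($token, random_bytes(32));
} catch (RuntimeException $e) { echo $e->getMessage(), "\n"; }
```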
