
Encryption: how to have 1 iv despite multiple fields

I've been stuck trying to arrive at a best solution for this for a while. I know that an initialization vector has to be unique for each item being encrypted. So if I'm encrypting an address and I have it stored all in a single field, I need a single iv for this. But if I have the address spread over multiple fields, I need several ivs, one for each field. This is a problem.

Is there a way to encrypt multiple fields (all in the same row/record) with a single iv, while maintaining the individuality of the fields? The goal is to have a single iv per record.

What I was thinking about doing was something like this

//get input for fields 1-5

//encrypt them, so that each one has its iv appended to it
$field1_enc = encr($field1);
$field2_enc = encr($field2);
$field3_enc = encr($field3);
$field4_enc = encr($field4);
$field5_enc = encr($field5);

//then store them individually in the database

How do I encrypt all fields with a single key? Then what happens when I want to edit any of those fields? (My guess is I'd have to un-encrypt, then re-encrypt with a new iv.) But the main question is, aside from the concept, I don't understand how to programmatically get this done, i.e. encrypting all fields with a single iv.


The IV needs to be unique but doesn't have to be unpredictable or secret. Why don't you create a random number as the base of the IV for each record? Add 1 to the base and use it as the IV for field 1, add 2 for field 2 ...

EDIT: Here are some implementation details,

Create a column for iv_base, which is simply a random number,

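$iv_base = random_int(0, PHP_INT_MAX); // random() is not a PHP built-in; random_int() is

When you encrypt or decrypt the fields, use this function to create the IV,

// Builds a $size-byte IV from the record's base and the field's sequence number.
function get_iv($base, $size, $seq) {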
    $remaining = $size;
    $round = 0;
    $iv = '';
    while ($remaining != 0) {
        // Each round yields 16 raw MD5 bytes; $round makes successive blocks differ.
        $d = md5($base . $seq . $round, true);
        $len = min($remaining, 16);
        $iv .= substr($d, 0, $len);
        $remaining -= $len;
        $round++;
    }
    return $iv;
}

$base is the random number you stored in the database. $size is the IV size. $seq is the number you assigned for each field. You can use field name also.
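
A fuller version of the per-record scheme, as an added example that is not part of the original answer: one random `iv_base` per row, one derived IV per field, and a fresh `iv_base` whenever a field is edited (the question's second point). Assumptions not taken from the page: AES-256-CBC through PHP's OpenSSL functions, HMAC-SHA256 with a separate key in place of the answer's MD5 derivation, and the hypothetical names `field_iv`, `encrypt_record`, `decrypt_record` and `update_field`.

```php
<?php
// Added example, not the answer's code. Key handling and record layout are assumptions.
const CIPHER = 'aes-256-cbc';

// Derive a per-field IV from the record's random base and the field name.
// HMAC with a dedicated key keeps the IV unpredictable to anyone without that key,
// and the "|" separator keeps (base, field) pairs from colliding after concatenation.
function field_iv(string $ivKey, string $ivBase, string $field): string {
    $len = openssl_cipher_iv_length(CIPHER);            // 16 bytes for AES-CBC
    return substr(hash_hmac('sha256', bin2hex($ivBase) . '|' . $field, $ivKey, true), 0, $len);
}

// Encrypt every field of a record under one freshly generated iv_base.
function encrypt_record(string $encKey, string $ivKey, array $plain): array {
    $row = ['iv_base' => random_bytes(16)];
    foreach ($plain as $field => $value) {
        $row[$field] = openssl_encrypt($value, CIPHER, $encKey, OPENSSL_RAW_DATA,
                                       field_iv($ivKey, $row['iv_base'], $field));
    }
    return $row;
}

function decrypt_record(string $encKey, string $ivKey, array $row): array {
    $plain = [];
    foreach ($row as $field => $ct) {
        if ($field === 'iv_base') continue;             // stored in the clear beside the row
        $plain[$field] = openssl_decrypt($ct, CIPHER, $encKey, OPENSSL_RAW_DATA,
                                         field_iv($ivKey, $row['iv_base'], $field));
    }
    return $plain;
}

// Editing a field: decrypt, change it, re-encrypt the whole record under a new
// iv_base so no (key, IV) pair is ever used for two different plaintexts.
function update_field(string $encKey, string $ivKey, array $row, string $field, string $value): array {
    $plain = decrypt_record($encKey, $ivKey, $row);
    $plain[$field] = $value;
    return encrypt_record($encKey, $ivKey, $plain);
}

// Constructed sample data; real keys belong in a key store, not in code.
$encKey = random_bytes(32);
$ivKey  = random_bytes(32);
$row  = encrypt_record($encKey, $ivKey, ['street' => '1 Example Road', 'city' => 'Sampletown']);
$row2 = update_field($encKey, $ivKey, $row, 'city', 'Testville');
var_dump(decrypt_record($encKey, $ivKey, $row2)['city'] === 'Testville'); // edited value round-trips
var_dump($row['iv_base'] !== $row2['iv_base']);                            // base rotated on edit
```

CBC provides confidentiality only, so detecting tampered ciphertext needs an authenticated mode or a MAC over each stored value in addition to this.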
