[PHP] Re: Mcrypt functions
Daniel Rychlik wrote:

> Hello, I have been playing with the mcrypt function. I'm having a bit of trouble understanding why it is important to use a vector IV. I was wondering if there is a reasonably powerful encryption algorithm that uses a key only instead of getting the block size and using an IV. I basically want to know if there is something simple out there that will do the same job.
>
> Kind Regards,
> Daniel

An initialization vector is basically used to 'seed' the algorithm to make it more difficult to crack the ciphertext. Using an IV with a block cipher is recommended because it generally makes the cipher more resilient to known-plaintext attacks.

You can use an algorithm without an IV, but you're risking security if you do. In ECB mode, for instance, the IV is actually completely ignored, but if you use the same key, identical blocks of plaintext will translate to identical blocks of ciphertext. This is why an IV and block cipher modes which utilize IVs are important.

Using an IV is definitely recommended. A good start would be Rijndael in CBC mode with random IVs. You can safely transport the IV with the ciphertext.

If you really, really don't want to use IVs, you should try to stick with a strong cipher such as Rijndael or Twofish and a mode like CBC. You might also want to look into a stream cipher, such as ARC4 or SEAL. But I'd still recommend using an IV.

J

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Re: Mcrypt functions
I read more on vector IV and I agree with you. I've been reading this manual on mcrypt_encrypt and _decrypt functions. I came up with this from what I read and pretty much took the example. I have a problem with my decrypt statement. I'm passing what I believe is the correct params, but I could be mistaken.

Output from my function...

_ V'''3n2VkRyw y}Pe ` - Encrypted Data...
8R64e]xLom 2* ez;T_=G- Decrypted data...

code snippet

    srand();
    $key = "this is a secret key";
    $input = "Let us meet at 9 o'clock at the secret place.";
    $size = mcrypt_get_iv_size (MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($size, MCRYPT_RAND);
    $encrypted = mcrypt_ecb (MCRYPT_BLOWFISH, $key, $input, MCRYPT_ENCRYPT, $iv);
    echo $encrypted, " - Encrypted Data...<br/>";
    $decrypted = mcrypt_ecb (MCRYPT_BLOWFISH, $key, $input, MCRYPT_DECRYPT, $iv);
    echo $decrypted, " - Decrypted data...<br/>";

-----Original Message-----
From: Jay Smith [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 03, 2003 1:58 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Re: Mcrypt functions

Daniel Rychlik wrote:

> Hello, I have been playing with the mcrypt function. I'm having a bit of trouble understanding why it is important to use a vector IV. I was wondering if there is a reasonably powerful encryption algorithm that uses a key only instead of getting the block size and using an IV. I basically want to know if there is something simple out there that will do the same job.
>
> Kind Regards,
> Daniel

An initialization vector is basically used to 'seed' the algorithm to make it more difficult to crack the ciphertext. Using an IV with a block cipher is recommended because it generally makes the cipher more resilient to known-plaintext attacks.

You can use an algorithm without an IV, but you're risking security if you do. In ECB mode, for instance, the IV is actually completely ignored, but if you use the same key, identical blocks of plaintext will translate to identical blocks of ciphertext. This is why an IV and block cipher modes which utilize IVs are important.

Using an IV is definitely recommended. A good start would be Rijndael in CBC mode with random IVs. You can safely transport the IV with the ciphertext.

If you really, really don't want to use IVs, you should try to stick with a strong cipher such as Rijndael or Twofish and a mode like CBC. You might also want to look into a stream cipher, such as ARC4 or SEAL. But I'd still recommend using an IV.

J
RE: [PHP] Re: Mcrypt functions
You're using the same input for both encryption and decryption. Change the decryption line to

    $decrypted = mcrypt_ecb(MCRYPT_BLOWFISH, $key, $encrypted, MCRYPT_DECRYPT, $iv);

srand() isn't doing anything here; you can get rid of it. Also, the IV does nothing here; it is ignored in ECB mode. Try using something like CBC mode.

J

Daniel Rychlik wrote:

> I read more on vector IV and I agree with you. I've been reading this manual on mcrypt_encrypt and _decrypt functions. I came up with this from what I read and pretty much took the example. I have a problem with my decrypt statement. I'm passing what I believe is the correct params, but I could be mistaken.
>
> Output from my function...
>
> ?Ü_ V¢¢''?Ê'ÅÆû´3?ån2V½kôR¤üyÐw?í? y}P×?õe ` - Encrypted Data...
> 8?Ì«¢R¿?Þ6¡4±eÚ]xàLoìm 2?*? ê«ï ? ez;Tê_=G?- Decrypted data...
>
> code snippet
>
>     srand();
>     $key = "this is a secret key";
>     $input = "Let us meet at 9 o'clock at the secret place.";
>     $size = mcrypt_get_iv_size (MCRYPT_BLOWFISH, MCRYPT_MODE_ECB);
>     $iv = mcrypt_create_iv($size, MCRYPT_RAND);
>     $encrypted = mcrypt_ecb (MCRYPT_BLOWFISH, $key, $input, MCRYPT_ENCRYPT, $iv);
>     echo $encrypted, " - Encrypted Data...<br/>";
>     $decrypted = mcrypt_ecb (MCRYPT_BLOWFISH, $key, $input, MCRYPT_DECRYPT, $iv);
>     echo $decrypted, " - Decrypted data...<br/>";
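
Added example (not part of the original thread and not the posters' code): the two points made in the replies above, that ECB repeats ciphertext blocks while CBC with a random IV does not, and that decryption must be given the ciphertext with its IV, shown with PHP's OpenSSL extension standing in for mcrypt, which was removed from PHP core in 7.2. The function names `encrypt_cbc` and `decrypt_cbc`, the random key and the two-block sample message are assumptions made for the example.

```php
<?php
// Added example. OpenSSL stands in for mcrypt; key and message are constructed.
const CIPHER_ECB = 'aes-128-ecb'; // Rijndael, 128-bit block, no IV
const CIPHER_CBC = 'aes-128-cbc'; // Rijndael, 128-bit block, needs an IV

// Encrypt under a fresh random IV and return IV || ciphertext.
function encrypt_cbc(string $key, string $plaintext): string
{
    $iv = random_bytes(openssl_cipher_iv_length(CIPHER_CBC));
    $ct = openssl_encrypt($plaintext, CIPHER_CBC, $key, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return $iv . $ct; // the IV is not secret, so it can travel with the data
}

// Split the IV off the front, then decrypt the ciphertext (not the input).
function decrypt_cbc(string $key, string $blob): string
{
    $ivLen = openssl_cipher_iv_length(CIPHER_CBC);
    if (strlen($blob) <= $ivLen) {
        throw new InvalidArgumentException('blob too short to hold IV and data');
    }
    $pt = openssl_decrypt(substr($blob, $ivLen), CIPHER_CBC, $key,
                          OPENSSL_RAW_DATA, substr($blob, 0, $ivLen));
    if ($pt === false) {
        throw new RuntimeException('decryption failed');
    }
    return $pt;
}

$key   = random_bytes(16);                    // constructed 128-bit key
$input = str_repeat('Let us meet at 9', 2);   // two identical 16-byte blocks

$ecb = openssl_encrypt($input, CIPHER_ECB, $key, OPENSSL_RAW_DATA);
$a   = encrypt_cbc($key, $input);
$b   = encrypt_cbc($key, $input);             // same key, same message

// True when the 16-byte block at $off equals the block that follows it.
$repeats = fn(string $s, int $off): bool =>
    substr($s, $off, 16) === substr($s, $off + 16, 16);

printf("ECB repeats the block:      %s\n", $repeats($ecb, 0) ? 'yes' : 'no');
printf("CBC repeats the block:      %s\n", $repeats($a, 16) ? 'yes' : 'no');
printf("CBC gives same output twice: %s\n", $a === $b ? 'yes' : 'no');
printf("Round trip matches input:   %s\n",
       decrypt_cbc($key, $a) === $input ? 'yes' : 'no');
```

CBC on its own provides confidentiality only; where tampering matters, add a MAC over the IV and ciphertext or use an authenticated mode.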