PHP Mcrypt, how safe is it?

I am currently working on a project that will handle fairly confidential personal information. Although these are not bank account numbers, this is still confidential personal information, and I want to do everything I can to encrypt and store it inside MySQL as safely as possible. So I am now looking intensively for security measures that can protect this confidential information.

One easy way I found to encrypt / decrypt strings and text blocks would be to use mcrypt. But when I searched for mcrypt here on Stack Overflow, I noticed that many people say that mcrypt is not secure after all.

So now I wonder: how safe is it? Does it take a lot of hacking skill to crack and decrypt the stored information if the key is stored securely? Do I need to be afraid that a hacker with little skill may decrypt the encrypted information that I am going to store on the MySQL server? So, what skills are needed to crack information encrypted using mcrypt?

If mcrypt isn't good enough to use, what good alternatives are there that aren't as complicated as using the gnupg extensions?

+7
1 answer

A small guide that you could follow to avoid a few mistakes and apply some recommendations.

  • Do not use the same encryption key and initialization vector (IV) for two different messages.

This risks exposing the plaintext if an adversary manages to intercept two or more messages in transit that use the same key and IV.

  • Do not use ECB mode; OFB and CTR are slightly better, but CBC or CFB mode is recommended.

The main reason not to use ECB is that this mode leaks information about duplicate plaintext blocks, which can undermine your encoded data stream.

OFB and CTR are better, but they suffer from the above security issue of using the same IV + key combination more than once.

CFB and CBC are the most resistant to reuse of the IV + key, but separate messages with the same common prefix leak the length of the specified prefix. In addition, CFB leaks the difference in the first non-identical blocks of plaintext.

  • Make sure you have a strong encryption key

    It should not be chosen from printable ASCII (for example, not "my super strong secret key"); PBKDF2 would be preferable (it will soon be supported, as long as it will be used by Google). It should be obvious that this key must be saved; if you lose it, bye bye data.

  • Use a good source of entropy to generate the initialization vector.

    Mcrypt has the ability to use MCRYPT_DEV_RANDOM or MCRYPT_DEV_URANDOM when you call mcrypt_create_iv().

Hope this helps you :)

+16
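
The answer's recommendations (a fresh IV for every message, CBC mode, a PBKDF2-derived key, a CSPRNG for the IV) put together as an added example that is not part of the original answer. mcrypt was removed from PHP core in 7.2, so this uses ext/openssl instead; the function names, passphrase, salt handling, iteration count and the HMAC step are assumptions added here.

```php
<?php
// Added example, not from the answer. All names and values below are constructed.
const CIPHER = 'aes-256-cbc';

// Derive separate encryption and MAC keys from a passphrase with PBKDF2
// (200000 iterations is an assumed work factor; tune it for your hardware).
function deriveKeys(string $passphrase, string $salt): array
{
    $material = hash_pbkdf2('sha256', $passphrase, $salt, 200000, 64, true);
    return [substr($material, 0, 32), substr($material, 32, 32)];
}

function encryptField(string $plaintext, string $encKey, string $macKey): string
{
    // Fresh random IV per message, so the same key + IV pair is never reused.
    $iv = random_bytes(openssl_cipher_iv_length(CIPHER));
    $ct = openssl_encrypt($plaintext, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    // Encrypt-then-MAC over IV and ciphertext (goes beyond the answer's list).
    $mac = hash_hmac('sha256', $iv . $ct, $macKey, true);
    return base64_encode($iv . $mac . $ct);
}

function decryptField(string $blob, string $encKey, string $macKey): string
{
    $raw = base64_decode($blob, true);
    $ivLen = openssl_cipher_iv_length(CIPHER);
    if ($raw === false || strlen($raw) < $ivLen + 32 + 16) {
        throw new RuntimeException('malformed ciphertext');
    }
    [$iv, $mac, $ct] = [substr($raw, 0, $ivLen), substr($raw, $ivLen, 32), substr($raw, $ivLen + 32)];
    // Verify the MAC in constant time before decrypting anything.
    if (!hash_equals(hash_hmac('sha256', $iv . $ct, $macKey, true), $mac)) {
        throw new RuntimeException('authentication failed');
    }
    $pt = openssl_decrypt($ct, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($pt === false) {
        throw new RuntimeException('decryption failed');
    }
    return $pt;
}

$salt = random_bytes(16); // not secret; store it next to the encrypted column
[$encKey, $macKey] = deriveKeys('constructed passphrase, not a real secret', $salt);
$a = encryptField('constructed sample record', $encKey, $macKey);
$b = encryptField('constructed sample record', $encKey, $macKey);
var_dump($a !== $b, decryptField($a, $encKey, $macKey));
```

Encrypting the same record twice yields different blobs because each call draws its own IV, and a blob that has been modified in storage is rejected before decryption.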