stackoom
  简体   繁体   中英

What is, if any, prefered mcrypt cipher for encrypting/decrypting php objects or arrays

 原文  2011-03-05 13:19:13       php/ encryption/ mcrypt

Question

I'll keep this short and simple. As part of PHP's mcrypt library there are 40 or so possible ciphers, see here .

Not knowing much about encryption myself, I'm working under the assumption regardless of the cipher used, the data when decrypted is identical as the data encrypted (otherwise what's the point right?)

I need to encrypt and then decryption either an array or serialised standard object. I've browsed a couple examples online of the basic implementation of the mcrypt library and noticed that each example used a different cipher. It got me wondering if there was any significance to this, or simply personal preference?

My question is, is there any significant differences between these ciphers I should be concerned with knowing that

  • I'll be encrypting/decrypting is an either an array or serialised standard object, and contain relatively little data.
  • This operation will be fairly uncommon so speed isn't a massive issue, anywhere in the range on < 2s is acceptable.
  • The encrypted string will need to be stored in a cookie and transmitted via url query string (so there are limitations on length and character set)

Note

I'm not after a debate about whether I should be using a hash or hmac. Encryption is necessary and the correct option for this problem.

2 answers

solution1
 5 ACCPTED  2011-03-05 13:42:07

Any reasonable cipher encrypts/decrypts between plaintext/ciphertext given the correct key.

There are huge differences to which cipher you choose. Be it block length, key length and/or general security. For instance, you should never use DES because it only uses a 56-bit key. Similar for other ciphers on the list you refer to. Before using any cipher always read up on it and determine whether it is a good cipher for your context.

But I can't go into detail about every cipher on your list here. :-)

I personally like AES (Rijndael) which takes three sizes of keys 128, 192 and 256 bits. The best known attack is faster than a brute-force attack but is still infeasible. It is fast, too (actually Intel included machine instructions for AES in Westmere and Sandy Bridge).

Serpent and Twofish are also good ciphers. Serpent came second to Rijndael and Twofish came third (I think it was) in the AES contest some years back.

solution2
 1  2011-09-21 20:17:41

For a perfect example of what a cipher is, go to this link. http://perfectcipher.com/tridimensional.html

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Encrypting in PHP (mcrypt), Decrypting in Ruby (OpenSSL::Cipher) php mcrypt - decrypting and encrypting files? Encrypting/Decrypting in PHP with MCRYPT…Inconsistent Results Encrypting with Perl CBC and decrypting with PHP mcrypt Encrypting / Decrypting file with Mcrypt Encrypting with PHP mcrypt, decrypting with Android. Is this decryption right? Encrypting in CryptoJS and decrypting in mCrypt not working properly Encrypting in PHP, decrypting in IOS Encrypting and decrypting passwords with php Encrypting with PHP; decrypting with CryptoJS
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM