/    Sign up×
Community /Pin to ProfileBookmark

Evaluate security of this encryption

Copy linkTweet thisAlerts:
Oct 01.2010

Hi,

I m looking for file encryption methods and found following .

[url]http://bit.ly/98NZ5x[/url]

It would be a great help, if experts in here can evaluate security of the same.

Thanks and Best Regards

to post a comment
PHP

5 Comments(s)

Copy linkTweet thisAlerts:
@sohguanhOct 01.2010 — I think the currently accepted encryption algorithm is AES. So it would be wise to get a PHP library that can implement the AES instead of proprietary encryption instead.
Copy linkTweet thisAlerts:
@GUIRauthorOct 01.2010 — Hi, thanks for the information

Have you came accross http://en.wikipedia.org/wiki/ESTREAM . So far I couldnt find a PHP implementation of this. Is this related to AES ?

..

What I actually need is encrypt file on upload , and decrypt before downloading, ideally not saving plain/decrypted file saved . http://bit.ly/98NZ5x seems to be supporting such.

Can you recommend any library supports that ?
Copy linkTweet thisAlerts:
@sohguanhOct 01.2010 — ESTREAM? Nope I never heard before.

For PHP implementation of AES try BouncyCastle where it is Open Source development going on for all security related. They usually use Java but no harm asking for PHP implementation instead ?
Copy linkTweet thisAlerts:
@NogDogOct 01.2010 — If you have the MCrypt extension installed and the Rijndael-192 algorithm available, here's some code I created awhile ago:
[code=php]
<?php
/**
* Encryption/Decryption using rijndael-192 algorithm
*/
class MyCrypt
{
private $resource;
private $iv;
private $key;
/**
* Constructor
* @return void
* @param string $key Ecryption/decryption key
*/
public function __construct($key)
{
$this->key = $key;
$this->resource = mcrypt_module_open('rijndael-192', '', 'cbc', '');
if($this->resource === false) {
throw new Exception("Unable to init mcrypt");
}
$this->iv = substr(md5($this->key), 0,
mcrypt_enc_get_iv_size($this->resource));
}
/**
* Destructor
* @return void;
*/
public function __destruct()
{
if(!empty($this->resource)) {
mcrypt_module_close($this->resource);
}
}
/**
* Encrypt text
* @return string
* @param string $text Text to encrypt
*/
public function encrypt($text)
{
mcrypt_generic_init($this->resource, $this->key, $this->iv);
$encrypted = mcrypt_generic($this->resource, $text);
mcrypt_generic_deinit($this->resource);
return $encrypted;
}
/**
* Decrypt encrypted text
* @return string
* @param string $text Text to be decrypted
* @param bool $trim True (default) to trim output
*/
public function decrypt($text, $trim = true)
{
mcrypt_generic_init($this->resource, $this->key, $this->iv);
$decrypted = mdecrypt_generic($this->resource, $text);
mcrypt_generic_deinit($this->resource);
return ($trim) ? trim($decrypted) : $decrypted;
}
}

///// Sample usage /////
try {
$test = new MyCrypt('fubar');
$encrypted = $test->encrypt(file_get_contents(__FILE__));
unset($test); // show that it works when re-init object
$test = new MyCrypt('fubar');
$decrypted = $test->decrypt($encrypted);
highlight_string($decrypted);
}
catch (Exception $e) {
echo "<pre>".print_r($e, true)."</pre>";
}
[/code]
Copy linkTweet thisAlerts:
@GUIRauthorOct 01.2010 — Thank you very much I will try it..
×

Success!

Help @GUIR spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.17,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...