5 Questions and Answers on PHP Symmetric Encryption and Decryption

This article brings you relevant knowledge about PHP, which mainly introduces issues related to PHP symmetric encryption and decryption. There are 5 common questions. Let’s take a look at them together. I hope it will be helpful to everyone.

1. mcrypt extension or openssl extension?

php7 has deprecated the mcrypt extension and recommends using openssl for encryption and decryption

2, DES, 3DES, AES?

DES It is an older symmetrical encryption algorithm. Its security no longer meets current needs, and its performance is worse than AES.

The essence of 3DES is also DES, but it is encrypted three times on the basis of DES. It is basically the same as above. When selecting technology, try to avoid these two confidential algorithms

AES is a Advanced Encryption Standard (Advanced Encryption Standard) is a symmetric encryption algorithm that is currently widely used. AES is very secure and has high performance.

3. AES-128-X, AES-196-X or AES-256-X?

128,196,256 means the key length

128 is 128bit 16 bytes, such as this key: 1234123412341234

If the key exceeds 16 bytes, the extra part will be ignored directly

4. Five types Encryption mode

ECB Electric CodeBook  电码本模式
CBC Cipher Block Chaining 密码分组链接模式

This mode requires a vector value iv, which is more secure than ECB [Recommended learning: "PHP Video Tutorial"]

Sample code:

$my_method = 'aes-128-cbc';  //算法
$key = "1234567812345678"; //128bit秘钥
$data =  "asxsaxasdlkasjdiqi";  
//输入算法获取向量长度
$iv_length =  openssl_cipher_iv_length( $my_method );  
//根据长度获取向量 函数会给$cstrong赋bool值,判断是否使用了强加密算法,一般为true
$iv = openssl_random_pseudo_bytes( $iv_length, $cstrong );
//加密
$enc_data = openssl_encrypt($data, $my_method, $key,  OPENSSL_RAW_DATA, $iv);
//解密
$dec_data = openssl_decrypt($enc_data, $my_method, $key,  OPENSSL_RAW_DATA, $iv);

CFB Cipher FeedBack 密码反馈模式
OFB Output FeedBack  输出反馈模式
CTR Counter Mode 计算器模式

Different block encryption iteration modes under the same algorithm, such as AES-128-ECB, refers to the use of the AES algorithm, the secret key is 128 bit length, the iteration method is ECB, and the AES-128-ECB algorithm is used The encrypted ciphertext can only be decrypted using AES-128-ECB

5. How to check the available encryption methods?

print_r(openssl_get_cipher_methods());
//
Array
(
    [0] => aes-128-cbc
      ...
    [19] => aes-192-cbc
    ...
    [35] => aes-256-cbc
    ...
    [54] => aria-128-cbc
      ...
    [80] => aria-256-ofb
    [81] => camellia-128-cbc
    ...
    [102] => camellia-256-ctr
    ...
    [105] => chacha20
    ...
    [107] => des-ede-cbc
       ...
    [116] => des-ede3-ofb
    [117] => des3-wrap
    [118] => null
    [119] => sm4-cbc
)

The above is the detailed content of 5 Questions and Answers on PHP Symmetric Encryption and Decryption. For more information, please follow other related articles on the PHP Chinese website!