News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

LeaseWebLabs.com:
Lessons learned implementing AES in PHP using Mcrypt
February 28, 2014 @ 09:37:45

The LeaseWebLabs.com site has a new post talking about some of their difficulties (and lessons learned) when implementing AES in PHP with mcrypt for a recent project.

The Advanced Encryption Standard (AES) is the successor of triple DES. When you need a standardized, secure, high performance symmetric cipher it seems like a good choice. Wi-Fi network traffic is encrypted with AES for instance. Also when you want to securely store data in a database or on disk you could choose AES. Many SSDs store data internally using AES encryption. PHP supports AES through "mcrypt". On Debian based systems (like Ubuntu and Mint) you can install it using "sudo apt-get install php5-mcrypt".

With no direct support for AES in mcrypt, they decided on Rijndael-128 instead and include some code examples of getting its key and block size. They also include an example of the dynamic typing PHP does when converting a string to an integer and the "key padding" PHP automatically does if the key length it too short. A few other problems they discovered during implementation are mentioned as well including null padding on strings and PHP's ignoring of a wrong size initialization vector (no padding, just an error).

0 comments voice your opinion now!
leaseweblabs mcrypt implement aes rijndael

Link: http://www.leaseweblabs.com/2014/02/aes-php-mcrypt-key-padding/

blog comments powered by Disqus

Similar Posts

Derick Rethans' Blog: Namespaces in PHP

Josh Adell: Interfaces and Traits: A Powerful Combo

Joe Topjian's Blog: My Zend_Acl Implementation

Aaron McGowan's Blog: Five things I wish PHP would implement (or had) & would change

O\'Reilly: Implementing MVC in PHP: The View


Community Events





Don't see your event here?
Let us know!


laravel podcast opinion api install list unittest release testing refactor community code developer threedevsandamaybe symfony2 introduction series framework language interview

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework