News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

LeaseWebLabs.com:
Lessons learned implementing AES in PHP using Mcrypt
February 28, 2014 @ 09:37:45

The LeaseWebLabs.com site has a new post talking about some of their difficulties (and lessons learned) when implementing AES in PHP with mcrypt for a recent project.

The Advanced Encryption Standard (AES) is the successor of triple DES. When you need a standardized, secure, high performance symmetric cipher it seems like a good choice. Wi-Fi network traffic is encrypted with AES for instance. Also when you want to securely store data in a database or on disk you could choose AES. Many SSDs store data internally using AES encryption. PHP supports AES through "mcrypt". On Debian based systems (like Ubuntu and Mint) you can install it using "sudo apt-get install php5-mcrypt".

With no direct support for AES in mcrypt, they decided on Rijndael-128 instead and include some code examples of getting its key and block size. They also include an example of the dynamic typing PHP does when converting a string to an integer and the "key padding" PHP automatically does if the key length it too short. A few other problems they discovered during implementation are mentioned as well including null padding on strings and PHP's ignoring of a wrong size initialization vector (no padding, just an error).

0 comments voice your opinion now!
leaseweblabs mcrypt implement aes rijndael

Link: http://www.leaseweblabs.com/2014/02/aes-php-mcrypt-key-padding/

blog comments powered by Disqus

Similar Posts

Developer Tutorials Blog: Iterating PHP objects, and readable code too!

DevShed: Implementing Yahoo Image Search Web Service with PHP 5

Timothy Boronczyk's Blog: Evil Access (a Database Class)

Aaron McGowan's Blog: Five things I wish PHP would implement (or had) & would change

PHPBuilder.com: Implementing User Defined Interfaces in PHP 5


Community Events





Don't see your event here?
Let us know!


list deployment library update community zendserver framework laravel podcast symfony package api language tips install release interview series opinion introduction

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework