Securely encrypt or create an unique identifier for external communication in PHP?

Question

We're developing an PHP application that stores personal and anonymized information ('reports') in a MySQL database.

For each person there might be several 'reports', which get sent to a third party register.

The problem is the third party doesn't know which of these reports are for the same person. So we would like to add a unique, but untraceable id for the person to the report when we're sending them. (As the third party is not to know our internal person's id)

As the third party might want to communicate about a given person by its id, we need to be able to decrypt that id into the id that is stored with our person record. (So hashing won't work). We also expect there to be more external parties in the near future, which we want to give an different unique id per person. (By using a different encryption key).

What encryption method could we use to encrypt a person's id, so it will always give the same result? Looking at (for example) the libsodium extension docs, I would think we would have to use the same nonce every time we encrypt a person’s id. This seems to be highly discouraged.
The same issue would apply when using AES encryption, via php’s openssl_encrypt where:

Emits an E_WARNING level error if an empty value is passed in via the iv parameter.

Answer 1

We also expect there to be more external parties in the near future, which we want to give an different unique id per person. (By using a different encryption key).

+

Looking at (for example) the libsodium extension docs, I would think we would have to use the same nonce every time we encrypt a person’s id. This seems to be highly discouraged.

Yeah, don't even worry about the "key" vs "iv/nonce" part. Just use defuse/php-encryption or Halite. They both give you authenticated encryption and all you need to give either is a message and a key.