-2

I couldn't find this information anywhere on here or on Google, so quick question: When using openssl_encrypt should I be using the actual cipher names (i.e. "bf-cbc") or can I use the aliases (i.e. "blowfish")?

FWIW, I'm using PHP 5.6.34.

Bonus question: According to the PHP documentation, some of the methods have been proven to be weak, so which one is the strongest or which are the strongest amongst the methods that remain?

oldboy
  • 5,729
  • 6
  • 38
  • 86
  • 2
    ["For a list of available cipher methods, use openssl_get_cipher_methods()"](http://php.net/manual/en/function.openssl-encrypt.php). The available ciphers depend on the openssl that is installed on the machine. – Peter Apr 01 '18 at 20:58
  • @Peter okay, i didn't know the available ciphers depend on the openssl that is installed on the machine, but that is beside the point/question – oldboy Apr 01 '18 at 20:59
  • 2
    No, it's not. openssl_get_cipher_methods() returns all valid strings you can use. – Peter Apr 01 '18 at 21:01
  • @Peter you're not understanding my question. if you had read the PHP documentation, when you run the `openssl_get_cipher_methods(TRUE)` statement, it returns a list of aliases. MY QUESTION is whether or not i should or can be using the aliases and or actual names of the ciphers when executing the `openssl_encrypt()` function... i thought my initial question was pretty straight-forward... – oldboy Apr 01 '18 at 21:03

1 Answers1

3

Don't use the aliases, be as specific as you can with the cipher you intend to use.

AES is probably the most appropriate algorithm to use here. The mode you use is important as well. With this in mind, I would prioritize the following, in order:

  • aes-*-gcm
  • aes-*-ctr
  • aes-*-cbc

Where * is obviously one of 256/192/128. Remember that each of the above modes has different requirements for it to be secure. GCM needs a 96-bit nonce, and no additional authentication. CTR usually uses a 128-bit nonce and needs a MAC to be secure. Using the same nonce and key for two different messages in GCM or CTR mode will expose the plaintext, so don't ever do that. CBC needs a 128-bit IV and a MAC to be secure.

I suggest you view the code in this repository for an example of secure encryption in PHP.

Luke Joshua Park
  • 9,527
  • 5
  • 27
  • 44
  • Thanks! Really appreciate the info. Additionally, for curiosity's sake, is it **possible** to use aliases? – oldboy Apr 01 '18 at 22:01
  • There are used for encryption where authentication is not required. There are also uses where authentication can be an unwanted crib. – zaph Apr 02 '18 at 01:20