How can you override the 24 character mcrypt salt limit?

Question

I would like to use a salt that has more than 24 characters with mcrypt.

mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $salt, $text, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND));

However if I make $salt greater than 24 characters it throws this warning and uses a truncated salt at 24 characters:

Warning: mcrypt_encrypt() [function.mcrypt-encrypt]: Size of key is too large for this algorithm

Is there any way to get around this?

You shouldn't "like" to do things that are out of the inner workings of the encryption algorithm. — N.B., May 08 '11 at 13:03

score 3 · Accepted Answer · answered May 08 '11 at 12:52

3

24 is the limit of this alorithm. Chars over 24 characters isn't used. But you can always trasnform your salt.

http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

answered May 08 '11 at 12:52

Marcin

1,429
8
16

Thanks for the info. Is there an alternative encryption algorithm that mcrypt can use that you would suggest? – Andrew Jenkins May 08 '11 at 16:28
AES (a.k.a. RIJDAEL) is current standard of encryption. I think that it's the best one. – Marcin May 08 '11 at 20:42

score 0 · Answer 2 · answered May 08 '11 at 12:49

0

I would personally MD5 the salt and use that otherwise you need to select a different algorithm.

answered May 08 '11 at 12:49

Kmaid

169
2
8

MD5 is over 24 characters and I want 140+ character salts to make brute forcing virtually impossible. – Andrew Jenkins May 08 '11 at 16:27

How can you override the 24 character mcrypt salt limit?

2 Answers2