How do I encrypt data in PHP, properly, using symmetric-key encryption? I'm looking for a solution that uses cryptography properly without making of the usual mistake. I have a message M and a secret S. In particular, it should use authenticated encryption, choose IVs properly, and generate the actual encryption key from the secret S using a suitable slow hash (in case S is a password instead of an actual cryptographic key).
Can you suggest PHP code for this purpose?
My motive: I'd like to give PHP programmers good advice on how to do this, not bad advice. This question on StackOverflow is a real disappointment: it is full of highly-upvoted answers that are appallingly bad (ECB mode encryption? repeating IVs? encryption without authentication?). Let's figure out the right answer -- a code snippet that does things right -- and then go fix that broken window on StackOverflow.
Aucun commentaire:
Enregistrer un commentaire