PHP Mcrypt,真的很安全吗? [英] PHP Mcrypt, how secure is it really?
问题描述
目前,我正在处理一个处理一些非常敏感的个人信息的项目,虽然它不是后端帐号,但它仍然是敏感的个人信息,我想做所有我可以做的一切,以加密和存储这些信息在一个mysql尽可能安全。所以现在我正在强烈地寻找一些可以处理这些敏感信息的安全措施。
At the moment I am working on a project that will handle some quite sensitive personal information, although it are not backaccount numbers it is still sensitive personal information and I want to do everything I can do to encrypt and store this information inside a mysql as safely as possible. So now I am intensely looking for some security measures that could deal with this sensitive information.
我发现加密/解密字符串和文本块的一种简单的方法是使用mcrypt的。但是当我在stackoverflow上搜索mcrypt时,我注意到很多人都告诉我mcrypt是不安全的。
One easy way I found to encrypt/decrypt strings and text blocks, would be using mcrypt. But when I search on mcrypt over here on stackoverflow, I noticed that many people tell that mcrypt is afterall not that secure.
所以现在我想知道,它的安全性真?如果密钥存储安全,是否需要大量的黑客技能,让我们说专家技能来破解和解密存储的信息?我需要担心一个技能很小的黑客可以解密我要存储在mysql服务器中的加密信息吗?那么破解使用mcrypt加密的加密信息需要什么技巧?
So now I am wondering, how secure is it really? Does it takes a lot of hacking skills, let's say expert skills, to crack and decrypt the stored information if the key is stored securely? Do I need to be afraid that a hacker with little skills can decrypt the encrypted information that I am going to store inside mysql server? So what skills does it take to crack the encrypted information that's encrypted with mcrypt?
如果Mcrypt无法使用,什么是好的选择,不复杂,因为使用gnupg扩展?
If Mcrypt is not usable enough, what are good alternatives that are not to complex as using the gnupg extensions?
推荐答案
一个小指导,您可以遵循以避免一些陷阱并应用一些建议。
A small guide you could follow to avoid a few pitfalls and apply some recommendations.
- 不要为两个不同的消息重复使用相同的加密密钥和初始化向量(IV)。
如果对手设法在传输过程中使用相同的密钥和IV截取两个或多个邮件,那么这样做会冒险使用纯文本。
Doing so will risk exposure of the plain-text if an adversary manages to intercept two or more messages during transit using the same key and IV.
- 不要使用ECB模式; OFB和CTR模式有所好转,但建议使用CBC或CFB模式。
-
确保你有一个强大的加密密钥
Make sure you have a strong encryption key
应该从可打印的ASCII中选择 em> not 我的超级秘密密钥); PBKDF2将是首选(很快得到本地支持,直到谷歌)。很明显,这个钥匙必须保持安全;如果你失去了,再见数据。
It should not be chosen from printable ASCII (e.g. not "my super strong secret key"); PBKDF2 would be preferred (soon to be supported natively, until then Google it). It should be obvious that this key must be kept safe; if you lose it, bye bye data.
-
使用一个好的熵源生成初始化向量。
Use a good entropy source to generate the initialization vector.
当您调用
mcrypt_create_iv()时,Mcrypt可以使用MCRYPT_DEV_RANDOM或MCRYPT_DEV_URANDOM。Mcrypt has an option to use MCRYPT_DEV_RANDOM or MCRYPT_DEV_URANDOM when you call
mcrypt_create_iv().
主要不使用ECB的原因是因为此模式会泄漏关于重复的纯文本块的信息,这可能会破坏您编码的数据流。
The main reason to not use ECB is because this mode leaks information about duplicate plain-text blocks which may undermine your encoded stream of data.
OFB和点击率更好,但遭受来自上述使用相同IV +组合键的安全问题不止一次。
OFB and CTR are better, but they suffer from the aforementioned security issue of using the same IV+key combination more than once.
CFB和CBC是对IV +密钥重用最具弹性的,但单独的消息与相同的公共前缀将泄漏所述前缀的长度。此外,CFB泄漏了第一个不相同的纯文本块的差异。
CFB and CBC are the most resilient against IV+key reuse, but separate messages with the same common prefix will leak out the length of said prefix. In addition, CFB leaks out the difference of the first non-identical plain-text blocks.
希望这将有助于您:)
这篇关于PHP Mcrypt,真的很安全吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
