mcrypt_enc_get_iv_size
The key size returned by this function is for keys consisting of 8-bit characters. For example, 256-bit algorithms require 32-character keys.
However, if you are using alphanumeric keys [A-Za-z0-9] beware that strength is reduced, because you are only using a set of 64 characters, which could be represented in 6 bits. You get: 6 x 32 = 192-bit encryption.
Avoid using string representations hashes - md5() or sha1() - because hex encoding uses a set of only 16 characters [0-9a-f], which is equivalent to 4 bits, and thus halve the strength of your encryption: 4 x 32 = 128-bit.
A 64 character hex representation of an SHA-256 hash will not improve matters, because only the first 32 characters can be used. You need an 8-bit representation of SHA-256, or of two MD5s, to get full 256-bit strength.
The problem is somewhat reduced in OFB, CFB or CBC mode by the use of IVs, but only if you do not package your IV with the encrypted data.
mcrypt_enc_get_key_size
(PHP 4 >= 4.0.2, PHP 5)
mcrypt_enc_get_key_size — Returns the maximum supported keysize of the opened mode
Descripción
int mcrypt_enc_get_key_size
( resource $td
)
Gets the maximum supported key size of the algorithm in bytes.
Lista de parámetros
- td
-
The encryption descriptor.
Valores retornados
Returns the maximum supported key size of the algorithm in bytes.
add a note
User Contributed Notesmcrypt_enc_get_key_size
terry _at_ scribendi_com
29-Apr-2005 12:06
29-Apr-2005 12:06