mcrypt_enc_get_iv_size
The key size returned by this function is for keys consisting of 8-bit characters. For example, 256-bit algorithms require 32-character keys.
However, if you are using alphanumeric keys [A-Za-z0-9] beware that strength is reduced, because you are only using a set of 64 characters, which could be represented in 6 bits. You get: 6 x 32 = 192-bit encryption.
Avoid using string representations hashes - md5() or sha1() - because hex encoding uses a set of only 16 characters [0-9a-f], which is equivalent to 4 bits, and thus halve the strength of your encryption: 4 x 32 = 128-bit.
A 64 character hex representation of an SHA-256 hash will not improve matters, because only the first 32 characters can be used. You need an 8-bit representation of SHA-256, or of two MD5s, to get full 256-bit strength.
The problem is somewhat reduced in OFB, CFB or CBC mode by the use of IVs, but only if you do not package your IV with the encrypted data.
mcrypt_enc_get_key_size
(PHP 4 >= 4.0.2, PHP 5)
mcrypt_enc_get_key_size — オープンされたモードでサポートされる最大キー長を返す
説明
int mcrypt_enc_get_key_size
( resource $td
)
そのアルゴリズムでサポートされる最大キー長をバイト単位で返します。
パラメータ
- td
-
暗号化記述子。
返り値
そのアルゴリズムでサポートされる最大キー長をバイト単位で返します。
add a note
User Contributed Notesmcrypt_enc_get_key_size
terry _at_ scribendi_com
29-Apr-2005 12:06
29-Apr-2005 12:06