Reputation: 2606
php mcrypt encryption without IV
I need to use a encryption mechanism. I chose mcrypt as it is available and for its examples. But I see generation time is too much. When I use IV as in given examples, It taken lot of time while when I removed it it generate encrypted value instantly.
// Code example using IV
$ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($ivSize, MCRYPT_DEV_RANDOM);
$encryptedString = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $encryptionKey, utf8_encode($origString), MCRYPT_MODE_ECB, $iv);
return base64_encode($encryptedString);
// Code example without IV
$encryptedString = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $encryptionKey, utf8_encode($origString), MCRYPT_MODE_ECB);
return base64_encode($encryptedString);
So if there are any big security issues with encryption without using IV ?
Upvotes: 3
Views: 1608
Answers (1)
Reputation: 14801
DEV_RANDOM generates random integers from /dev/random or equivalent, which listens to unpredictable data such as mouse movement, keyboard strokes etc to generate secure data. If there are no keystrokes etc., it just waits until there is enough data... and that's why it's slow.
DEV_URANDOM uses /dev/urandom or equivalent and while it may use the data above too, in addition to that, it combines pseudorandom number generators to supply you with random data in real time (which is more predictable, but this often doesn't matter.)
They are used to determine the way IVs are constructed.
Now onto IVs.
IVs are used to derive initial seed for random functions used by the encryption functions.
You use ECB. The first thing to notice is that ECB doesn't use IV, so what you wrote doesn't make sense; if you use ECB you can skip creating IVs altogether and you will be able to decrypt your data without problems. But the other thing is that you shouldn't use ECB. ECB encodes your data so that every block with the same data is going to look the same. CBC on the other hand xors every block with data from previous block (and for this, it needs IV). To demonstrate the difference between these, look at this:
From left to right: original image, image encoded with ECB mode and image encoded with CBC mode.
If you want to use CBC, you also should regenerate IV for each piece of data you encrypt separately, otherwise is just as bad as using ECB. Regenerating IVs each time prevents repetition-based attacks.
Finally, if you use CBC, you will need to store its IV so that you can decrypt the text later. If you don't, you will get garbage. Fortunately enough, most encryption algorithms are designed so that IVs can be public, so you don't have to worry about keeping IVs in secret.
TL;DR: use CBC with public IVs regenerated for each data separately.
(Also... if you don't care about decrypting, you might be interested in cryptograhic hashes instead.)
Upvotes: 4
Related Questions
- cipher class and mcrypt_create_iv is slow at times
- PHP and mcrypt_decrypt(): warning about "initialization vector size"
- Encryption: Use of initialization vector vs key?
- Speed of different PHP mcrypt algorithms
- Whats is the best way to encrypt a big array with AES in PHP?
- How do I use MCRYPT in PHP to encode AES128 with IV?
- proper PHP mcrypt encryption methods?
- PHP - Replacing mcrypt_create_iv() with openssl_random_pseudo_bytes()
- Using PHP mcrypt with Rijndael/AES
- mcrypt performance