PHP - Using a Unix Timestamp as a key?

Question

So, I've been looking into encryption lately, and I've heard of people using timestamps as keys for encryption. I think this is a great idea, but if I want to decrypt the data, how would I retrieve that specific timestamp? Timestamps are unique, and I'm not really sure how this would work.

EDIT: I am using PHP and MYSQL

Answer 1

I don't want to hurt your feelings, but...

It is very obvious that you have never studied crypto.

So, please do not design your own cryptographic protocols, and do not assemble cryptographic primitives yourself either (like the "WiFi" designers/amateurs cryptologists did with WEP).

Protocols designed to meet specific security goals (I am not saying "secure protocols" on purpose) have been invented and implemented by specialists.

You first need to define your security goals, then choose an adequate protocol.

Answer 2

Timestamps make awful keys. A program could blaze through all possible keys in the blink of an eye.

The time is often used a component is priming a random number generator. It can't be the only component for the same reason it can't be used as a key, though.

The time could be used semi-successfully as the salt for a hashing algorithm. It's still not as good as something random since it allows the attacker to generate rainbow tables in advance.

Answer 3

The only way would be to save the timestamp. (assuming there is no backdoor to your encryption, which would nullify it's purpose)

What I would do is save the timestamp along with the encrypted string in a different format Ex: 09/21/2011 03:09:53 and use a combination of strtotime() and salting to store both bits of information in a secure manor.

09/21/2011 03:09:53 becomes 13165--Salt--74593

Answer 4

Two problems here.

You would need to store the timestamp somewhere. So why not just use "rand()" and store that.

Its possible to get hundreds of duplicate timestamps on a modern multi-threaded, multi-core processor. So you may as well just use date().

Answer 5

Er, usually timestamps are used as the basis for generating keys - not as the key itself. The key is something you have to store for later if you want to be able to decrypt the data.