I am encrypting values of variables that I am sending through hyper link such that it is not easily editable by user..Suppose I have list of values that are shown in hyper link.
<?=$row['p_name'] ?>
Now I want to navigate to view.php where I want to get back value of $row['p_id'] from the title. Is their any way to do So? What are other functions that encrypt on manage.php and decrypt again view.php page?
You appear to be confusing encryption and integrity assessment.
Integrity assessment:
If your purpose is detect when the user modified the values passed on the URL, a hash code (sometimes known as a Message Digest or a Checksum), such as one produce with SHA256 can suffice.
Simply add the URL an extra parameter value with a hash code. This hash code value can be produced by feeding the hash algorithm with the values which integrity you wish to assert, maybe along an extra secret "key" value (aka "salt"). Upon receiving a request, first verify that the hash produced by the values on the URL matches the hash of the URL; if it doesn't at least one value on the URL was altered.
Encryption:
If your purpose is to hide from the user and others what kind of data/values are passed on the URL, encryption is necessary. Unlike a hash, Encryption algorithms can be reversed and produce back the original input from the encrypted text.
In most cases, encryption can also provide data integrity validation, because it is difficult for someone to alter the encrypted text in a way that it can be decrypted to a structurally valid text. Many encryption algorithms are such that altering even just one or two bytes in the encrypted text, results in producing "gibberish" at decryption time.
Practical suggestions with PHP:
for hashing, use one of: crc32(), md5() and the like. (or also hash() as shown in the question's code snippet).
for encryption, use mcrypt_encrypt() / mcrypt_decrypt() from the MCrypt module
depending on the algorithms used, remember to convert the encrypted output base64 or other format so that it can be part of a URL (many hashing and encryption methods produce binary data that include many characters susceptible of "breaking" urls)
if you don't need more secret encrypt ,try using base64_encode/base64_decode
If you only need the data to be tamper proof you could use hash_hmac
Related
I asked a question here and I manage to partially implement the advice. Data is now stored encrypted in binary field (varbinary(500)), after I remove the aes-256 encryption and I leave aes-128 (default) codeigniter encryption.
However, I have some questions, and I can't find answers, since I can not find many articles on this subject, so If anyone can answer my questions, or point me to a book, or any other literature for further reading, I would be very grateful.
Why encrypted data must be stored in binary type field? What is wrong with storing it in longtext, or varchar? Does that make the encryption worthless?
Why I must first encode the variable and then encrypt it when I store the data in the binary type of field, and I don't have to do that when I store the data in varchar field?
base64_encode($clientName);
$encClientName = $this->encryption->encrypt($clientName);
In my previous question (see the link on the top) I have been advised to use nonce. Since I didn't know how to use that with codeigniter library, I didn't implement that part. Does that make my data less secure? Can anyone post any snippet code of how to use nonce with the codeigniter?
Again, any link to reading material on this subject (storing encrypted data in the database with php) will be deeply appreciated.
Why encrypted data must be stored in binary type field? What is wrong with storing it in longtext, or varchar? Does that make the encryption worthless?
Encrypted data is binary. It will frequently contain byte sequences which are invalid in your text encoding, making them impossible to insert into a column which expects a string (like VARCHAR or TEXT).
The data type you probably want is either VARBINARY (which is similar to VARCHAR, but not a string) or BLOB (likewise, but for TEXT -- there's also MEDIUMBLOB, LONGBLOB, etc).
Why I must first encode the variable and then encrypt it when I store the data in the binary type of field, and I don't have to do that when I store the data in varchar field?
You don't. This is backwards.
If you were going to use a string-type column to store encrypted data, you could "fake it" by Base64 encoding the data after encryption. However, you're still better off using a binary-type column, at which point you don't need any additional encoding.
In my previous question (see the link on the top) I have been advised to use nonce. Since I didn't know how to use that with codeigniter library, I didn't implement that part. Does that make my data less secure?
Based on what I'm seeing in the documentation, I think the CodeIgniter Encryption library handles this for you by default. You shouldn't have to do anything additional.
In addition to duskwuffs answer, I covered your questions from a more crypto-related viewpoint. He just managed to post a minute before I did :)
Encrypted data must be stored in a binary type field due to the way that Character Encodings work. I recommend you read, if you haven't already, this excellent article by Joel Spolsky that details this very well.
It is important to remember that encryption algorithms operate on raw binary data. That is, a bit string. Literal 1's and 0's that can be interpreted in many ways. You can represent this data as unsigned byte values (255, 255), Hex (0xFF, 0xFF), whatever, they are really just bit strings underneath. Another property of encryption algorithms (or good ones, at least) is that the result of encryption should be indistinguishable from random data. That is, given an encrypted file and a blob of CSPRNG generated random data that have the same length, you should not be able to determine which is which.
Now lets presume you wanted to store this data in a field that expects UTF8 strings. Because the bit string we store in this field could contain any possible sequence of bytes, as we discussed above, we can't assume that the sequence of bytes that we store will denote actual valid UTF8 characters. The implication of this is that binary data encoded to UTF8 and then decoded back to binary is not guaranteed to give you the original binary data. In fact, it rarely will.
Your second question is also somewhat to do with encodings, but the encoding here is base64. Base64 is a encoding that plays very nicely with (in fact, it was designed for) binary data. Base64 is a way to represent binary data using common characters (a-z, A-Z, 0-9 and +, /) in most implementations. I am willing to bet that the encrypt function you are using either uses base64_decode or one of the functions it calls does. What you should actually be interested in is whether or not the output of the encrypt function is a base64 string or actual binary data, as this will affect the type of data field you use in your database (e.g. binary vs varchar).
I believe in your last question you stated that you were using CTR, so the following applies to the nonce used by CTR only.
CTR works by encrypting a counter value, and then xor-ing this encrypted counter value with your data. This counter value is made up of two things, the nonce, and the actual value of the counter, which normally starts at 0. Technically, your nonce can be any length, but I believe a common value is 12 bytes. Because the we are discussing AES, the total size of the counter value should be 16 bytes. That is, 12 bytes of nonce and 4 bytes of counter.
This is the important part. Every encryption operation should:
Generate a new 12 byte nonce to use for that operation.
Your implementation should add the counter and perform the actual encryption.
Once you have the final ciphertext, prepend the nonce to this ciphertext so that the result is len(ciphertext) + 12) bytes long.
Then store this final result in your database.
Repeating a nonce, using a static nonce, or performing more than 2^32 encryption operations with a single 12 byte nonce will make your ciphertext vulnerable.
I've been playing around with php mcrypt over the weekend with AES used to encrypt text strings with a key. Later I worked up a tiny php tool to encrypt / decrypt your strings with AES/mcrypt now when the key is "wrong" and the text doesn't get decrypted, you end up with what I think is binary from what I've read around (http://i.imgur.com/jF8cZMZ.png), is there anyway in PHP to check if the variable holds binary or a properly decoded string?
My apologies if the title and the intro are a bit misleading.
When you encrypt text and then try to decrypt it, you will get the same text, but when you try to decrypt random data, there is a small chance that the result will be text (decreasing with length of data). You haven't specified what kind of data we are talking about, but determining if the decryption is successful by applying a heuristic is a bad idea. It is slow and may lead to false positives.
You should have a checksum or something like that to determine if the decrypted result is valid. This could be easily done by running sha1 on the plaintext data, prepend the result to the text and encrypt it as a whole. When you decrypt it, you can split (sha1 output has a fixed size, so you know where to split) the resulting string run sha1 on the text part and compare with the hash part. If it matches you have a valid result. You can of course improve the security a little by using SHA-256 or SHA-512.
That's is just one way of doing it, but might not be the best. Better ways would be to use an authenticated mode of operation for AES like GCM or CCM, or use encrypt-then-MAC with a good MAC function like HMAC-SHA512.
With using the approaches above you're free to use any kind of data to encrypt, because you're not limited to determining if it is text or not anymore.
While using Laravel, I recently noted that when it encrypts a value the encrypted string keeps changing.
For example
ecrypt('abc') returns xyzABCDXZY
But if I run the same function a little while later:
ecrypt('abc') returns xyzABDJSAS
Now this has me really really confused. If the encryption result is different for each time the function is called how on earth are they able to get back the original value (abc in this case) upon calling the decrypt function?
I suppose it has something to do with the encryption function but I can't for the life of me figure out what and how. Can someone shed some light on this? Thanks.
in fact it may be able to decrypt it, for example, the encryption algorithm can embed a variable in the encrypted data besides the plain text which was encrypted ( like a seed value ) and so the algorithm would
1) encryption: generate a seed, use that seed to cipher the data, hide the seed inside the ciphered data ,produce the final ciphered data
2) decryption: read the encrypted data, get the hidden seed and apply this to get the plain text
in all cases, the plain text data would be the same.
How can I Decode the md5, crc32, and sha1, below is xml file and then is code I'm using to get data so far.
<files>
<file name="AtTheInn-Germany-Morrow78Collection.mp3" source="original">
<format>VBR MP3</format>
<title>At the Inn - Germany - Morrow 78 collection</title>
<md5>056bbd63961450d9684ca54b35caed45</md5>
<creator>Germany</creator>
<album>Morrow 78 collection</album>
<mtime>1256879264</mtime>
<size>2165481</size>
<crc32>22bab6a</crc32>
<sha1>796fccc9b9dd9732612ee626c615050fd5d7483c</sha1>
<length>179.59</length>
</file>
And this is code I'm using to get title and album name how can I make sense of sha1 and md5, any help to any direction will be helpful, Thanks
<?php
$search = $_GET['sku'];
$catalogfile = $_GET['file'];
$directory = "feeds/";
$xmlfile = $directory . $catalogfile;
$xml = simplexml_load_file($xmlfile);
list($product) = $xml->xpath("//file[crc32 = '$search']");
echo "<head>";
echo "<title>$product->title</title>";
MD5, SHA-1, and CRC32 are hash functions. That means that they cannot be reversed.1 You'd have more luck looking into that name attribute of the file tag.
1 You can2 brute-force them, but since they can represent variable-length data as a fixed-length piece of data, due to the pigeonhole principle and just plain probability, you're more likely to get something that's not the original input than the original input.
2 It'll take forever for SHA-1, though.
Hash functions generate numbers that represent some arbitrary data. They can be used to verify if the data has changed (a good hash function should produce a totally different hash for even a single bit has changed).
Since you are turning an arbitrary amount of data in a number as a result you loose information, this means that it's hard to reverse them. Technically there is an infinite number of possible results for a hash as the data can be any length. For limited data sizes its still possible for there to be multiple data values for a specific hash, this is called a collision.
For some data sets (for example passwords) you can generate all possible combinations of data and check to see if they match a hash. If you do the generation at the same time as the checking it's known as 'brute forcing'. You can also store all possible combinations (for a limited range, for example all dictionary works or all combinations of characters under a specific size), then look it up. This is known as a rainbow table and is useful for reversing multiple hashes.
It's good practice to store passwords as a hash rather than in plain text but to ensure the passwords are hard to reverse they add a bit of random data to each one and store it along with the passwords, this is known as salting. This salt means it takes much longer to brute force a password.
In this case they are probably hashes of the mp3 file that is specified to verify file integrity and show any corruption that occurs during transfer (or storage). It won't be possible to reverse them since you would have to generate all possible combinations of megabytes of data. But if you have the file itself there wouldn't be any reason too. You can confirm they are hashes of the file by running a checksum generating program on it.
Is there a way in PHP to test if a string has been encrypted using mcrypt_encrypt?
You have not written what you're actually concerned about specifically, but:
Whether or not some data has been encrypted is not dependent on which encryption function has been used but which encryption algorithm. Say, if somebody has encrypted something in PERL or in PHP - you can't tell by having the encrypted string.
So as this applies, you can't tell for mcrypt_encrypt. That function does not leave any sign inside the encrypted data.
However, if you have the key and the original text (plain) as well as the algorithm, you can reverse what mcrypt_encrypt does with mcrypt_decrypt. You can then compare the plains and if they match you can say that the plain was encrypted with the specific key and algorithm.
As we're talking about encryption, this is normally not the case, you don't have the plain.
However, you can create a checksum of the plain and encrypt it as well. Then you can decrypt it later on and compare it with a checksum of the plain you encrypted as well to tell if the data was successfully decrypted. But as this shows, this is actually additional information next to the encrypted data.
If you add more information what you're looking for, it might be possible to give more helpful suggestions.
when encrypting add some static text to your string ; when cheking use mcrypt_encode again with static text this time without original string see if encrypted static text exist in encrypted string . it should work
Presumably you mean mcrypt_encrypt()? There is no mcrypt_encode() function.
No. A properly encrypted string should be indistinguishable from random garbage. The only way to test a crypted string to see if it's crypted is to decrypt it.