blocks|key|1933170|text|IV通常是保证加密文本是唯一的随机数。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1933171|为了解释为什么需要它，让我们假设我们有一个用密钥“secret”加密的人名数据库，没有IV。|1933172|1+John+dsfa9p8y098hasdf
2+Paul+po43pokdfgpo3k4y
3+John+dsfa9p8y098hasdf|code-block|syntax|javascript|1933173|如果约翰1知道他的密文(dsfa9p8y098hasdf)并可以访问其他密文，他就可以很容易地找到其他叫约翰的人。|1933174|现在实际上，需要IV的加密模式将始终使用IV。如果不指定IV，它会自动设置为一堆空字节。想象一下第一个例子，但是有一个常量IV+(00000000)。|1933175|1+John+dsfa9p8y098hasdf+00000000
2+Paul+po43pokdfgpo3k4y+00000000
3+John+dsfa9p8y098hasdf+00000000|1933176|为了防止重复的密文，我们可以使用相同的“秘密”密钥和随机IV对名称进行加密：|1933177|1+John+sdf875n90mh28458+45gh3546
2+Paul+fg9087n5b60987nf+56897ngq
3+John+gjhn0m89456vnler+8907345f|1933178|如你所见，两个'John‘密文现在是不同的。每个IV都是唯一的，并且影响了加密过程，使得最终结果也是唯一的。John+1现在不知道用户3的名字是什么。|1933179|解密需要使用与加密文本相同的IV，这就是为什么必须将其存储在数据库中的原因。如果没有密钥，IV就没有用处，因此与加密文本一起传输或存储它是无关紧要的。|1933180|这是一个过于简单的例子，但事实是，不使用IV会产生严重的安全后果。|1933181|1933182|现在，您的代码似乎正在设置IV+(1234567812345678)，但在解密时没有使用它。这肯定会失败。|1933183|您可能还想利用PHP的一些IV生成函数。我认为这对你来说应该是有效的：|1933184|$iv_size+=+mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,+MCRYPT_MODE_CBC);
$iv+=+mcrypt_create_iv($iv_size,+MCRYPT_RAND);
$encryptedMessage+=+openssl_encrypt($textToEncrypt,+$encryptionMethod,+$secretHash,+0,+$iv);
$decryptedMessage+=+openssl_decrypt($encryptedMessage,+$encryptionMethod,+$secretHash,+0,+$iv);|1933185|对于存储/传输，您可以简单地连接IV和密文，如下所示：|1933186|$data+=+$iv.$encryptedMessage;|1933187|然后在取回时，取出静脉输液进行解密：|1933188|$iv_size+=+mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,+MCRYPT_MODE_CBC);
$iv+=+substr($data,+0,+$iv_size);
$decryptedMessage+=+openssl_decrypt(substr($data,+$iv_size),+$encryptionMethod,+$secretHash,+0,+$iv);|1933189|1933190|有关更多信息，请查看PHP的Mcrypt库。它功能齐全，有大量的示例，其中许多可以帮助您实现openssh加密。http://php.net/manual/en/function.mcrypt-encrypt.php|offset|length|1933191|entityMap|0|LINK|mutability|MUTABLE|url|http://php.net/manual/en/function.mcrypt-encrypt.php^0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|1K|1G|0|0^^$0|@$1|2|3|4|5|6|7|1Q|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|1R|8|@]|9|@]|A|$]]|$1|D|3|E|5|F|7|1S|8|@]|9|@]|A|$G|H]]|$1|I|3|J|5|6|7|1T|8|@]|9|@]|A|$]]|$1|K|3|L|5|6|7|1U|8|@]|9|@]|A|$]]|$1|M|3|N|5|F|7|1V|8|@]|9|@]|A|$G|H]]|$1|O|3|P|5|6|7|1W|8|@]|9|@]|A|$]]|$1|Q|3|R|5|F|7|1X|8|@]|9|@]|A|$G|H]]|$1|S|3|T|5|6|7|1Y|8|@]|9|@]|A|$]]|$1|U|3|V|5|6|7|1Z|8|@]|9|@]|A|$]]|$1|W|3|X|5|6|7|20|8|@]|9|@]|A|$]]|$1|Y|3|-4|5|6|7|21|8|@]|9|@]|A|$]]|$1|Z|3|10|5|6|7|22|8|@]|9|@]|A|$]]|$1|11|3|12|5|6|7|23|8|@]|9|@]|A|$]]|$1|13|3|14|5|F|7|24|8|@]|9|@]|A|$G|H]]|$1|15|3|16|5|6|7|25|8|@]|9|@]|A|$]]|$1|17|3|18|5|F|7|26|8|@]|9|@]|A|$G|H]]|$1|19|3|1A|5|6|7|27|8|@]|9|@]|A|$]]|$1|1B|3|1C|5|F|7|28|8|@]|9|@]|A|$G|H]]|$1|1D|3|-4|5|6|7|29|8|@]|9|@]|A|$]]|$1|1E|3|1F|5|6|7|2A|8|@]|9|@$1G|2B|1H|2C|1|2D]]|A|$]]|$1|1I|3|-4|5|6|7|2E|8|@]|9|@]|A|$]]]|1J|$1K|$5|1L|1M|1N|A|$1O|1P]]]]

An IV is generally a random number that guarantees the encrypted text is unique.

To explain why it's needed, let's pretend we have a database of people's names encrypted with the key 'secret' and no IV.

<pre><code>1 John dsfa9p8y098hasdf
2 Paul po43pokdfgpo3k4y
3 John dsfa9p8y098hasdf
</code></pre>

If John 1 knows his cipher text (dsfa9p8y098hasdf) and has access to the other cipher texts, he can easily find other people named John.

Now in actuality, an encryption mode that requires an IV will always use one. If you don't specify an IV, it's automatically set to a bunch of null bytes. Imagine the first example but with a constant IV (00000000).

<pre><code>1 John dsfa9p8y098hasdf 00000000
2 Paul po43pokdfgpo3k4y 00000000
3 John dsfa9p8y098hasdf 00000000
</code></pre>

To prevent repeated cipher texts, we can encrypt the names using the same 'secret' key and random IV's:

<pre><code>1 John sdf875n90mh28458 45gh3546
2 Paul fg9087n5b60987nf 56897ngq
3 John gjhn0m89456vnler 8907345f
</code></pre>

As you can see, the two 'John' cipher texts are now different. Each IV is unique and has influenced the encryption process making the end result unique as well. John 1 now has no idea what user 3's name is.

Decryption requires the use of the same IV the text was encrypted with of course, which is why it must be stored in the database. The IV is of no use without the key so transmitting or storing it with the encrypted text is of no concern.

This is an overly simplistic example, but the truth is, not using IV's has serious security ramifications.

<hr>

Now your code appears to be setting the IV (1234567812345678) but not using it on decryption. That's certain to fail.

You also may want to utilize some of PHP's IV generation functions. I think this should work for you:

<pre><code>$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$encryptedMessage = openssl_encrypt($textToEncrypt, $encryptionMethod, $secretHash, 0, $iv);
$decryptedMessage = openssl_decrypt($encryptedMessage, $encryptionMethod, $secretHash, 0, $iv);
</code></pre>

For storage/transmission, you can simply concatenate the IV and cipher text like so:

<pre><code>$data = $iv.$encryptedMessage;
</code></pre>

Then on retrieval, pull the IV out for decryption:

<pre><code>$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = substr($data, 0, $iv_size);
$decryptedMessage = openssl_decrypt(substr($data, $iv_size), $encryptionMethod, $secretHash, 0, $iv);
</code></pre>

<hr>

For more info, check out PHP's Mcrypt library. It's quite full featured and has tons of examples, many of which can help you out with openssh encryption implementations.
<a href="http://php.net/manual/en/function.mcrypt-encrypt.php">http://php.net/manual/en/function.mcrypt-encrypt.php</a>

I had a look at <a href="https://stackoverflow.com/questions/1391132/two-way-encryption-in-php">this</a> question, and wanted to do it for myself. When I ran this code (taken straight from <a href="https://stackoverflow.com/a/6639179/962144">this answer</a>):

<pre><code>$textToEncrypt = "My super secret information.";
$encryptionMethod = "AES-256-CBC"; // AES is used by the U.S. gov't to encrypt top secret documents.
$secretHash = "25c6c7ff35b9979b151f2136cd13b0ff";

//To encrypt
$encryptedMessage = openssl_encrypt($textToEncrypt, $encryptionMethod, $secretHash, '1234567812345678');

//To Decrypt
$decryptedMessage = openssl_decrypt($encryptedMessage, $encryptionMethod, $secretHash);

//Result
echo "Encrypted: $encryptedMessage &lt;br&gt;Decrypted: $decryptedMessage";
</code></pre>

However I get the warning

<pre><code>openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended
</code></pre>

So I went and had a look at the <a href="http://www.php.net/manual/en/function.openssl-encrypt.php" rel="noreferrer">docs</a>, but there 'is no documentation'. I found this <a href="http://www.php.net/manual/en/function.openssl-encrypt.php#99188" rel="noreferrer">comment</a>, but still no mention of what the Initialization Vector should be and how I should use it. Can anyone enlighten me?

I know I could have done some more Googleing, but Stackoverflow comes up first in so many search results I thought this question might be useful to anyone else who was having this problem.

Use of Initialization Vector in openssl_encrypt

数据库

我看了一下的问题，想为自己做一件事。当我运行这段代码(直接取自)时：$textToEncrypt = "My super secret information.";$encryptionMethod = "AES-256-CBC";  // AES is used by the U.S. gov't to encryp...

问初始化向量在openssl_encrypt中的使用
EN

社区

活动

资源

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问初始化向量在openssl_encrypt中的使用EN

社区

活动

资源

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问初始化向量在openssl_encrypt中的使用
EN