HiveBrain v1.2.0
Get Started
← Back to all entries
patternphpMinor

Encryption-decryption method

Submitted by: @import:stackexchange-codereview··
0
Viewed 0 times
encryptiondecryptionmethod

Problem

My encryption algorithm

I'm using this algorithm in order to encrypt notes users save on my site:

function CasualPassword($lenght=527){
    $available_chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890"; 
    $password = ""; 
    for($i = 0; $i<$lenght; $i++){
        $password .= substr($available_chars,rand(0,strlen($available_chars)-1),1);
    } 
    return $password; 
  }
$key = CasualPassword();
$string = nl2br($_POST['nota']);
for ($i = 0; $i < strlen($string); $i++ ) {
   $temp = $string[$i] ^ $key[$i % strlen($key)];
   $crypt .= str_pad( dechex( ord( $temp ) ), 2, 0, STR_PAD_LEFT);
}
$encryptednote = $key.'__'.$crypt;


So if I encrypted "Code review is awesome" I'd get something like this:


CB9A25T2g2kgSmeUAtFu6h2vOeVPMLOONMOFGh8nYhJrKoCKXH6TpwF4QaJcmYrzk66rd3U3ZekjJmuhuq1Zc6TtWdL923ybytIRldKB9ulHWWoGCfgfa1OxTavKTklHUuZ7Oj8MTjTq69x9dUd5KsrdIdnbDPiY09UOhRa22uixtVvMqPH18zTGS7hWMGuLEEZmW1eNkCBTYwgECo6AdOGvLoIXu4jz90cUz7ia0juYWRdZ6YZYmgKyKTM6MvvKuNfkKDAKnuiABBZ8ZzVCVg2fzDbBzMMjarKkvKuZ6SZ8Uz5uoQwAwofmr8ngJ1GjhQKTb6sWOIUi9PSmfFmStI5bFi8PYEz7V0Qw59JIHdrFsAsOFUhzdbQj0OyYSnVnnlZikjrrCYxvYfAe1hTT0j39xrXFUst9UJg5sNmvmZgA5hevFyEEX8DLoaR0JA8dJeX2r0mTZJUTqzFvnJ1BH4MwTdvcet7nNTe6THOsRjC8ZHtDRkEZdRLwv7PPpL44fYyzfDiwnkuCseF__002d5d24124731440e571c473a1e45343611351a5b0d

Or this:


6sa9JEQHpMmvwapMLUPlVKbVSSXgbbPWJpVSulZZyCKkc1xoKCPfMr1fAOBbpQyz7JHqvhGjjQKCH9qRB6xOnotn3vEiC3X9CfpxCvXmChpJfVbhROv53eivPmTRfrQhM6UPrs3uQi4w4VTLjEGcioNyRhGxPWUbSpr0XktoInaC0tOixUBW0OKRwQEBnZd6EL6cvpG5Tg7SQK2Df3afHlw4216fPYbUjWxVC4PVaMorXfv3XLXewKYoBTJQrllR8YnAS4WtGAadgLW4XuYJ5wy6G9MxjyFhMthfm4Os5pMa2iUOSsYMfNIlLUZvIfSVO112uFkovwEmUZ2nHPznd9OoSoZbJsxYjoQTt19fnCH9b9ljObMrZbWsFwKPf8oEl5XVvV1YY9X180aLam41EPjKCtahrElT99puUgIsegjbf0n7mgwrwV2yFRVwW7GV6vFPRO9wuiNPh1LKX92JUs8ZASMWPSrKExaWBYIv7VBeMNojLfsfOp6O9HlNaTXeGx2IM04JV6nhISH__751c055c6a37343e19281a561e12502c3b3023033b2e

My decryption algorithm

```
$separate = explode("__",$encryptednote);
$key =$separate[0];
$cr

Solution

Security

Encryption

This is not secure.

You are sending out the key with the encrypted message, so anyone getting their hands on your code (us right now, for example), can easily decode any message. Security through obscurity is not real security.

And as I mentioned in the comments, coding for experience is good, but don't code your own hashing or encryption mechanisms.

Better Encryption

Since you asked for existing alternatives: use mcrypts mcrypt_encrypt and mcrypt_decrypt.

I think that the example from the PHP website linked above isn't all that bad. Here is another example for how to use (somewhat insecure) encryption in PHP. It clearly separates between encrption and decryption (which the PHP website example does not), but it uses CFB instead of CBC (which is fine for that example, but for your case CBC would be better).

As mentioned here in the comments as well as on the PHP website, both examples are not secure. They do not check the integrity or authenticity, and they are not protected against padding oracle attacks.

To prevent this, use Encrypt-then-MAC. Here you can find a description of the necessary steps for secure encryption, and here is an encryption implementation that looks ok.

SQL injection

Please read up on SQL injection and how to prevent them (use prepared statements). Your code is (or might be) vulnerable right now. Here:

$drop = "DELETE FROM notes WHERE id='".$_GET['del']."' and username='".$user."'";


And also here:

$query = "INSERT INTO  `notes` (
[...]


XSS

You are also open to XSS attacks here:

echo $string


See here how to prevent XSS.
Other

  • use camelCase for function and variable names (so CasualPassword becomes casualPassword.



  • consistency: either always use $i++ in loops or $i+=2.



  • consistency: put spaces before and after equals (key =$separate[0];).

Code Snippets

$drop = "DELETE FROM notes WHERE id='".$_GET['del']."' and username='".$user."'";
$query = "INSERT INTO  `notes` (
[...]
echo $string

Context

StackExchange Code Review Q#61867, answer score: 3

Revisions (0)

No revisions yet.