AES in PHP is secure?

3

I am planning to deploy AES in an area of an intranet that is under development so that the user can save important data such as account passwords and passwords for accessing servers, as well as transferring data through an API for servers external, but I'm worried about security because I'm using a ready class: Link .

Could the question be raised if this class is safe enough for this type of implementation?

    
asked by anonymous 06.08.2015 / 06:47

1 answer

6

No. In general, it is only safe to use libraries that have undergone extensive scrutiny from experts in this area. Not only does the implementation need to be correct, but it needs to take into account things like side-channel attacks (ie attacks that exploit failures in the implementation of the algorithm, not in its logic). This is something that "common" developers are not qualified to evaluate.

However, in this case you do not have to go that far: a look at the source code revealed that it operates under the > ECB mode of operation :

public function encrypt($text)
{
    $t = ""; // 16-byte bloco
    $y = ""; // Para retorno do bloco cifrado.


    $xsize = strlen($text);
    for ($i = 0; $i < $xsize; $i += 16){
        for ($j = 0; $j < 16; $j++){
            if (($i+$j) < $xsize){
                $t[$j] = $text[$i+$j];
            }else{
                $t[$j] = chr(0);
            }
        }

        $y .= $this->encryptBlock($t);
    }

    return $y;
}

The ECB is a "naive" implementation of cryptography, the way a person who only studied their basics would implement it. And it is totally unsafe. The image below was encrypted using ECB, can you guess what it's all about?

Asforasecurealternative,unfortunatelyIknowlittleofPHPtoindicatesomething.Thefunctions mcrypt_generic and mdecrypt_generic should be good enough, but I do not know how to use them correctly. This answer in SOen also gives some suggestions that at first glance seem good (but again, I do not know how to evaluate). And if you have access to the OpenSSL , maybe there is some AES encryption option that you can use (although the focus of this library is public key cryptography).

Whichever solution you choose, be sure to choose a safe mode of operation and preferably authenticated ( CCM, GCM, EAX or OCB). AES is just a cryptographic primitive, not a complete protocol, you have to keep this in mind.

    
06.08.2015 / 08:39