Page 1 of 2 12 LastLast
Results 1 to 25 of 27

Thread: Encryption

  1. #1
    Join Date
    Jun 2002
    Posts
    302

    Encryption

    I am looking for a way to decrypt information in a way that would make it retrievable only given a specific string key used to decrypt it. I want to incorporate this kind of encryption into a php application. Is there a simple way to do this?

  2. #2
    Join Date
    May 2002
    Location
    Durham - UK
    Posts
    450
    For a secure encryption this is not going to be possible, although it would be a very useful function if it was available.
    Barry
    UK Based Freelance PHP Developer
    PHP/SQL/Ajax/HTML5 - Contact for Quote

  3. #3
    what's wrong with using mcrypt?

    http://us4.php.net/mcrypt

    -c

  4. #4
    Join Date
    Aug 2004
    Location
    Miami
    Posts
    65
    * mcrypt works fine for crypt/decrypt (Remember to check if hosting has the extension installed, doesn't install by default)
    * mhash works fine for crypt/decrypt but it has the same problem that mcrypt does.
    * pear has some good hash functions that allow you to encrypt/decrypt without the actual need of compiling php with it. - http://pear.php.net/packages.php?cat...ame=Encryption (There are several encryption levels like CBC, HMAC, RCA. The benefists is that it doesn't require php extensions, the drawbacks is that is a bit slower - althought for personal tests it's not very significant)

    Another alternative is md5 (it actually doesn't descrypt it but rather compares it)

    EG: You have some string encrypted with md5 - something like xx3fds34gfdgfdgd543dfsfsdfs and what you do is not decrypt it but actually compare the md5 of the string to the encrypted value rather than decrypting and it will return true or false if it's good or wrong. If what you are looking for is a login system, md5 is the way to go, that's what professional scripts do like vbulletin, etc... rather than decrypting it it will compare the md5's

  5. #5
    Please don't confuse a cipher with a hash. A cipher will rely on a 'key' while a hash will rely on a seed. You can't get back what you hash, like ezCore said, you have to compare.

    Also mhash is nothing like mcrypt, it is just what it says, a hash it does not encrypt/decrypt so i don't see how you can compare the two.

    If you really want to encrypt/decrypt stuff stick with a real algorithm like 3DES or one of the 'fishes. If you want to hash, MD5 is a great choice. If you post up your requirements for security/speed/ease of use I can assist you in choosing an algorighm.

    -c

  6. #6
    Join Date
    Jun 2002
    Location
    San Diego, California
    Posts
    788
    You can *very* easily get back a hash, you just have to know how to do it.

  7. #7
    Ok then, tough guy.

    My root password md5hash is:

    3b7188536f24d6807242f12e0b18f9c8

    Figure it out, and I will tell you the IP of the machine. I also have a personal message in there for you should you find it.

    BTW this is my 666th post... eeeeee!
    "The only difference between a poor person and a rich person is what they do in their spare time."
    "If youth is wasted on the young, then retirement is wasted on the old"

  8. #8
    Originally posted by Tee
    You can *very* easily get back a hash, you just have to know how to do it.
    You cant "get back" a hash big hacker man, as they stated above, you have to compare.

    You cant go a -> skljl34jlja3ljj3a -> a
    you have to go.

    if(md5(1) = skljl34jlja3ljj3a)( YAY!)
    if(md5(2) = skljl34jlja3ljj3a)( YAY!)
    if(md5(3) = skljl34jlja3ljj3a)( YAY!)
    if(md5(4) = skljl34jlja3ljj3a)( YAY!)

    and so on through the whole alphabet.

    You cant just decode hashes you have to break them.

  9. #9
    So to sum up what he said, basically a bruteforce attack.

    Why not just bruteforce the password itself, not its hash?

    This shows the useful nature and security of hashing.
    "The only difference between a poor person and a rich person is what they do in their spare time."
    "If youth is wasted on the young, then retirement is wasted on the old"

  10. #10
    Join Date
    Feb 2003
    Location
    Seattle, WA
    Posts
    33
    There have been programs created which "decrypt" md5 hashes in about 40 minutes, however the data files they use are approx 45gb last time I checked, and are not available to the public (although you can submit an md5 to be decrypted).

    Notice I put "decrypt" in quotes, because that's not really what it's doing. Any number of different things can evaluate to the same md5 hash. What the program really does is find a string that, when md5 encoded, will evaluate to that hash. The easy solution to this problem is to include a salt, which makes the whole process much more difficult to break. So basically, instead of:
    PHP Code:
    $password "blah";
    $hash md5($password);
    if (
    $md5($password) == $hash)
    {
        echo 
    "yay!";

    you get:
    PHP Code:
    $password "blah";
    $salt "decodethis!"
    $hash md5($password.$salt);
    if (
    $md5($password.$salt) == $hash)
    {
        echo 
    "yay!";


    BTW the md5 thing was slashdotted, you can find more info at this page

  11. #11
    Join Date
    Jun 2002
    Posts
    302
    Originally posted by white_2kgt
    ...If you really want to encrypt/decrypt stuff stick with a real algorithm like 3DES or one of the 'fishes. If you want to hash, MD5 is a great choice. If you post up your requirements for security/speed/ease of use I can assist you in choosing an algorighm.

    -c
    Thank you white_2kgt and ezCore.

    What I am looking for is not something like MD5 but a way to store information securely so that even if someone breaks into my database they won't be able to read what they find (or at least won't be able to do so easily). The idea is to allow users store personal information only they can access with a secret key that would make the information available to them only.

    The encryption should to be reasonably hard to break, but since users are not supposed to store sensitive information such as credit card numebrs, ease of use and speed are more important than total security. I don't think anybody will ever bother to try to break into my database -- I just want to make users feel they don't have to worry too much about storing information on the system.

  12. #12
    Join Date
    Jun 2002
    Location
    San Diego, California
    Posts
    788
    http://eprint.iacr.org/2004/199.pdf *cough* ahem, oh btw innova ill be pming you shortly.

  13. #13
    Originally posted by BluParadox
    There have been programs created which "decrypt" md5 hashes in about 40 minutes, however the data files they use are approx 45gb last time I checked, and are not available to the public (although you can submit an md5 to be decrypted).

    Notice I put "decrypt" in quotes, because that's not really what it's doing. Any number of different things can evaluate to the same md5 hash. What the program really does is find a string that, when md5 encoded, will evaluate to that hash. The easy solution to this problem is to include a salt, which makes the whole process much more difficult to break. So basically, instead of:
    BTW the md5 thing was slashdotted, you can find more info at this page
    That program is just a brute force attack that is stored into a database. Since you can go through the database faster then you could generate the hashes, it is slightly faster then just a normal brute force, but it wont break every hash (well it would, but it would take petabytes and thousands of years with current processing strength). It still wont break a strong password.

  14. #14
    Join Date
    Aug 2004
    Location
    Miami
    Posts
    65
    Go for a encrypt/decrypt function available at php's pear and you will be fine. Ignore all the rest

  15. #15
    Join Date
    Feb 2003
    Location
    Seattle, WA
    Posts
    33
    Originally posted by f0urtyfive
    That program is just a brute force attack that is stored into a database. Since you can go through the database faster then you could generate the hashes, it is slightly faster then just a normal brute force, but it wont break every hash (well it would, but it would take petabytes and thousands of years with current processing strength). It still wont break a strong password.
    I know it's just a brute force attack, but I thought I'd mention that methods exist that are fast enough to be plausable for cracking simple passwords.

  16. #16
    Join Date
    Jan 2003
    Location
    Europe
    Posts
    234
    that's not a brute force, that's a dictionary based attack

  17. #17
    innova, noone will be able to tell you what you 'password' is but we can get another string that will hash to that string, quite easily as a matter of fact. You're password might be '!u&tGn' but using a brute force method you might get 'aaatrhh' that when MD5'd will result in '!u&tGn', either 'aaatrhh' or your 'real' root password would let me in the system. This was a problem with message boards that used the php md5 function, if there were the same members on 2 different boards and one board admin brute force attacked the hash of a member on his board he could take the result and log in as that user on another message board. This is one reason why vBulletin has added a 'salt' to their password hash function, even if the password is the same the salt won't be and it is unique to each board. Making the process harder. I'd suggest changing your root password .

    Originally posted by okok
    Thank you white_2kgt and ezCore.

    What I am looking for is not something like MD5 but a way to store information securely so that even if someone breaks into my database they won't be able to read what they find (or at least won't be able to do so easily). The idea is to allow users store personal information only they can access with a secret key that would make the information available to them only.

    The encryption should to be reasonably hard to break, but since users are not supposed to store sensitive information such as credit card numebrs, ease of use and speed are more important than total security. I don't think anybody will ever bother to try to break into my database -- I just want to make users feel they don't have to worry too much about storing information on the system.
    In your situation, I'd go with 3DES in CBC mode, using CBC will give you enhanced security over EBC and still retain the speed. Now you have to figure out how to securely store the 'key'.

    -c

  18. #18
    Lets take this thread further, as it really clears up some nice things.

    I know that there are collisions in MD5, in terms of probability it is guaranteed there are a LOT of collisions.

    What the other guy refers to is a huge table of known md5 hashes and the strings that produced them. Essentially a massive bruteforce effort, I was wondering when/if someone would generate such a list.

    That isnt my root password BTW - just trying to get you all excited.

    As for storing data securely.. its obvious that hash functions arent intended for this purpose.

    So, you are left with 2 options:
    1) Private-key (symmetric)
    2) Public-key

    Private key
    The main issue with symmetric encryption is that you must store your encryption key on the server itself (so it can encrypt your data). Storing a key in plaintext is not much better than not encrypting at all.

    So lets say we have a php/mysql implementation. How about storing your key compiled to bytecode in a script using zen/ioncube? Can someone comment on the safety of doing so?

    A problem that I can think of with doing this is lets say someone got root, and downloaded your sql data (encrypted) and your php scripts that encrypt/decrypt your sql data. Is it possible to exploit the compiled bytecode script to decode your data? I am just tossing this out there as I do not really know the answer. Hopefully someone can share their wisdom.

    Public Key
    Most common example I think is GPG/PGP. Your data is encrypted using a public key that was generated from your private key. The public key can be posted anywhere you want.. billboard, t-shirt, etc. Hand it out.

    When you want to decrypt the data, you will need to use your private key to do so. Lots of people send the protected data via email and decrypt it privately offline with their private key. Think about this - you dont want your private key stored on the server or else the whole system falls apart.

    Food for thought. Hope we can continue this talk.
    "The only difference between a poor person and a rich person is what they do in their spare time."
    "If youth is wasted on the young, then retirement is wasted on the old"

  19. #19
    Join Date
    Oct 2003
    Location
    Georgetown, Ontario
    Posts
    1,771
    If you think md5 hashes can't be broken down into the original string, you're somewhat right and somewhat wrong.

    http://slashdot.org/articles/04/08/1...&tid=1&tid=218

    Scary stuff
    ·· Repeat after me... ProSupport is the best... Prosupport is... ··
    ProSupport Host Support System - OUT NOW! Grab a copy yourself and see what the hype is about!
    VertiHost Inc. - We run a quality business. Do you?

  20. #20
    Join Date
    Jun 2002
    Location
    San Diego, California
    Posts
    788
    An application has been created based on that guy's methods called "md5col" that can get all the colisions for an md5 in less then 40 mins no matter what the length, MD5 algorithm is now pretty much useless except agenist script kiddies, any "real" hacker could easily get past it, I personally hope a new better quality hash algorithm will be created in the next year or so, Its really needed at this point.

  21. #21
    innova, While you have a basic down you're missing a fundamental aspect of public key encryption. In almost every implementation of PKE a symmetric key is still used. The symmetric key is used to encrypt the data and then the sender’s private key is used to encrypt the symmetric key and both are transferred. At the other end the key is decrypted with the sender’s public key and then the message is decrypted with the symmetric key.

    This is done because PKE is slow, very slow for encrypting large amounts of data. You would not want to encrypt your database fields using PKE for delivery over the web. This brings us back to the key management problem of storing a key on a server. This is the very problem that exists in the encryption world today. There is no easy solution, even in compiled code the key is still stored in a relative easy format to extract, eps if you know where to look. The only real solution to solving this problem is using a third party hardware device to store the key.

    In the past I have used nCipher HSM’s. They provide you with a piece of hardware that will hang off the network or attach directly to the server via a SCSI interface. The keys are protected either by the module (if you are doing web transactions) or by smart cards (if you are doing per to per transactions), actually they are always protected by the module but the smart card unlocks a ‘token’ that allow the use of the key, but that’s neither hear or there. The advantage of using this device is even if someone does hack your server and downloads your database and each and every file on the server it will be useless to them because the hardware module contains the key and it is required to decrypt the data. Key management problem solved.

    Now I realize this is impractical for most people as the cheapest device is around $10k (American). For a transaction process system on a tight budget system security is usually your only option, hence why so many people here are system security zealots.

    -c

  22. #22
    Join Date
    Mar 2004
    Location
    New Zealand
    Posts
    532
    Originally posted by Tee
    An application has been created based on that guy's methods called "md5col" that can get all the colisions for an md5 in less then 40 mins no matter what the length, MD5 algorithm is now pretty much useless except agenist script kiddies, any "real" hacker could easily get past it, I personally hope a new better quality hash algorithm will be created in the next year or so, Its really needed at this point.
    Provided MD5 hashes are well distributed over the hashspace then there are an infinite number of collisions for any MD5 hash. It is not physically possible to get "all collisions" because there is no "all", only an infinite number.

    MD5 is not useless, the user still has to KNOW the md5 to be able to generate collisons, and frankly if they have access enough to find that out then you have bigger problems laddie.

  23. #23
    Join Date
    Jun 2002
    Location
    San Diego, California
    Posts
    788
    gogocode:

    They could easily get an md5 hash for a superuser on a forum / phpnuke site etc...

  24. #24
    even in compiled code the key is still stored in a relative easy format to extract, eps if you know where to look
    Can you provide some more detail on this?

    I admit that my underlying assumption is that you cannot at least directly "decompile" a compiled script, as it exists in machine code.

    Now, I also realize that via analysis someone could work out what your script does.. function calls.. but its a far cry from simply extracting the original code, and if they knew how to do this they could more easily duplicate your coding efforts.

    That piece of information doesnt solve the key storage dilemma though.. so could you or someone elaborate how you might use / extract a key inside a php script compiled into bytecode? Pretty important topic.. I see a lot of people doing this and I have been assured by more than a couple "developers" that this is bulletproof.. of course I tend to sway to the skeptical side.
    "The only difference between a poor person and a rich person is what they do in their spare time."
    "If youth is wasted on the young, then retirement is wasted on the old"

  25. #25
    Join Date
    Jan 2003
    Location
    Europe
    Posts
    234
    one more idea is to spread the info on few boxes. each containing only a part of info needed to decrypt the data. so the hacker will have to hack all boxes.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •