The functions by default use the Blowfish algorithm. A list of cipher definitions to select the cipher mcrypt uses also exists. A block cipher encrypts the input in blocks of known size and position with a known key, so that the data can later be decrypted using the key. $key = 'This Is The Cipher Key'; $ciphertext = mcrypt_encrypt(MCRYPT_BLOWFISH, $key, 'This is plaintext.', MCRYPT_MODE_CFB); $plaintext = mcrypt_decrypt(MCRYPT_BLOWFISH, $key, $encrypted, MCRYPT_MODE_CFB); Never ever use the ECB mode.
Basically you should not think of encryption at this level, you should think about access control, confidentiality, integrity and authentication.
After that check how you can achieve this, possibly using encryption or secure hashing.
It should also be able to increase the load for faster hardware without affecting the ability to verify existing password hashes to make it future proof.
Currently there are two popular choices available: $password = 'my password'; $random = openssl_random_pseudo_bytes(18); $salt = sprintf('$2y$d$%s', 13, // 2^n cost factor substr(strtr(base64_encode($random), ' ', '.'), 0, 22) ); $hash = crypt($password, $salt); for Blowfish), the cost factor (a factor of 13 takes roughly 0.40s on a 3GHz machine) and the salt of 22 characters.
If you publish an encryption library, you don't know how developers will implement it.
That's why github.com/defuse/php-encryption provides authenticated symmetric-key encryption and doesn't let developers weaken it without editing its code. There's not enough information in the question to say that AE isn't necessary here. The question doesn't say, and it might be dangerous to make assumptions.//Key $key = 'Super Secret Key'; //To Encrypt: $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, 'I want to encrypt this', MCRYPT_MODE_ECB); //To Decrypt: $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_ECB); To understand this question, you must first understand what SHA256 is. A Cryptographic Hash Function is a one-way function, whose output is cryptographically secure.
You might want to read into PBKDF2 and bcrypt/scrypt to understand secure hashing of passwords and the like.
Cipher and mode Choosing the best encryption cipher and mode is beyond the scope of this answer, but the final choice affects the size of both the encryption key and initialisation vector; for this post we will be using AES-256-CBC which has a fixed block size of 16 bytes and a key size of either 16, 24 or 32 bytes.
I'm currently a student and I'm studying PHP, I'm trying to make a simple encrypt/decrypt of data in PHP.