MyBB Community Forums

Full Version: Is it possible to encrypt PM's?
A hash can't be "reversed", as in passing it through a function to just undo it, in the same way you can with something that is encrypted.
Here is how you do it:


function encrypt($decrypted, $message) {
    $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $decrypted . md5($decrypted), MCRYPT_MODE_CBC, $iv));
    return $iv_base64 . $encrypted;
}

function decrypt($encrypted, $message) {
    $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($encrypted), MCRYPT_MODE_CBC, $iv), "\0\4");
    if (md5($decrypted) != $hash) return false;
    return $decrypted;
}


And this is how you can "encrypt messages with MD5". As you can see, the message is encrypted and decrypted with a hash to verify its contents, with Rijndael acting as the cipher. Using 128-bit to prevent quantum attacks.
So what you're actually doing there is encrypting and decrypting with mcrypt. This has absolutely nothing to do with decrypting MD5. MD5 is a message digest algorithm - it is inherently a lossy algorithm. You can't get those bits of data back when trying to reverse it.

Case in point: "decrypt" this MD5 hash: ba8b9fcc45151dc543aea6aae3913c5e
(2016-09-20, 11:41 AM)alfred702 Wrote: [ -> ]Here is how you do it:


function encrypt($decrypted, $message) {
    $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $decrypted . md5($decrypted), MCRYPT_MODE_CBC, $iv));
    return $iv_base64 . $encrypted;
}

function decrypt($encrypted, $message) {
    $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($encrypted), MCRYPT_MODE_CBC, $iv), "\0\4");
    if (md5($decrypted) != $hash) return false;
    return $decrypted;
}


And this is how you can "encrypt messages with MD5". As you can see, the message is encrypted and decrypted with a hash to verify its contents, with Rijndael acting as the cipher. Using 128-bit to prevent quantum attacks.

...did you even read the code you just posted? Because half the variables are uninitialized, MD5 isn't needed at all, and rolling your own crypto is a terrible, terrible idea.

If you're going to use crypto in an application, use libsodium. No hashing, just secure cryptography.

Regardless, PGP is still the best option. If your site is compromised all the attacker has is the public keys and some encrypted messages.
I think I'm now three shades whiter for reading that bit of code. There are just some things that shouldn't be done! This is one of them.

Of course, this is coming from me - the guy who has his MySQL server not internet-facing.
Quote:...did you even read the code you just posted? Because half the variables are uninitialized, MD5 isn't needed at all, and rolling your own crypto is a terrible, terrible idea.
Yeah it's pretty bad. I was going to come back and edit it later; hopefully no one actually tries that lol.
Quote:If you're going to use crypto in an application, use libsodium. No hashing, just secure cryptography.
I have not used this before; I will give it a try! On a side note, from what I've heard, PHP isn't the best language for crypto anyways.
Quote:Regardless, PGP is still the best option. If your site is compromised all the attacker has is the public keys and some encrypted messages.
Yes I agree. But how are you gonna convince your users to use openssl? Most people cry like a little girl when they have to use terminal.
But PGP is basically one of the only ways you can ensure a user can communicate without you being able to access the information. Even with mcrypt, you're going to have the key, so you're going to be able to decrypt their messages.

PGP is easier than ever with things like keybase.io. If you were super serious about security of PMs and your users were too, maybe you'd write a wrapper for your PM interface as a desktop app? Or, more likely, they would probably already use PGP.
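An added example, not code from this thread or from MyBB, showing the two designs the thread contrasts: a corrected form of the encrypt/decrypt functions posted above, written against PHP's bundled libsodium extension (PHP 7.2 and later) as Nathan suggests, beside the recipient-key design Tom K. describes, where the site stores only the recipient's public key and so cannot open the message. Keys and the sample message are constructed inline, and the function names are my own.

```php
<?php
// Added example (not code from this thread or from MyBB), assuming PHP >= 7.2
// with the bundled sodium extension; keys and the sample message are constructed here.

// Design 1: server-side symmetric encryption, the corrected form of the posted
// mcrypt functions: authenticated (the MAC replaces the md5 "verify" trick),
// a fresh random nonce per message, stored as base64(nonce || box).
function pm_encrypt_server(string $plaintext, string $serverKey): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = sodium_crypto_secretbox($plaintext, $nonce, $serverKey);
    return base64_encode($nonce . $box);
}

function pm_decrypt_server(string $stored, string $serverKey): ?string {
    $raw = base64_decode($stored, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        return null;
    }
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box   = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($box, $nonce, $serverKey);
    return $plain === false ? null : $plain; // false: wrong key or tampered data
}

// Design 2: encrypt to the recipient's public key (PGP-style). The site stores
// only public keys, so a compromise yields public keys plus ciphertext.
function pm_encrypt_to_recipient(string $plaintext, string $recipientPublicKey): string {
    return base64_encode(sodium_crypto_box_seal($plaintext, $recipientPublicKey));
}

// Runs on the recipient's side, where the secret half of the keypair lives.
function pm_open_sealed(string $stored, string $recipientKeypair): ?string {
    $raw = base64_decode($stored, true);
    if ($raw === false) {
        return null;
    }
    $plain = sodium_crypto_box_seal_open($raw, $recipientKeypair);
    return $plain === false ? null : $plain;
}

// Demonstration with constructed keys and a constructed message.
$serverKey = sodium_crypto_secretbox_keygen();
$stored    = pm_encrypt_server('meet at 9 :)', $serverKey);
var_dump(pm_decrypt_server($stored, $serverKey));      // the site can read design 1
$userKp = sodium_crypto_box_keypair();                 // generated in the user's client
$userPk = sodium_crypto_box_publickey($userKp);        // the only part the site holds
$sealed = pm_encrypt_to_recipient('meet at 9 :)', $userPk);
var_dump(pm_open_sealed($sealed, $userKp));            // the recipient can read design 2
var_dump(pm_decrypt_server($sealed, $serverKey));      // the site cannot read design 2
```

In design 1 the site still holds `$serverKey`, which is exactly the point Tom K. makes about mcrypt; only design 2 keeps the message out of the site's reach, and it depends on the secret key never leaving the user's client.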
(2016-09-21, 09:57 AM)Tom K. Wrote: [ -> ]But PGP is basically one of the only ways you can ensure a user can communicate without you being able to access the information. Even with mcrypt, you're going to have the key, so you're going to be able to decrypt their messages.

PGP is easier than ever with things like keybase.io. If you were super serious about security of PMs and your users were too, maybe you'd write a wrapper for your PM interface as a desktop app? Or, more likely, they would probably already use PGP.

So what do we do about private messages for the unwilling zombies who use our sites?

I'm thinking, what if we had a JavaScript API that would allow people who are too lazy to easily create a PGP key in just one click? I wonder if something like this already exists.
(2016-09-23, 09:51 AM)alfred702 Wrote: [ -> ]
(2016-09-21, 09:57 AM)Tom K. Wrote: [ -> ]But PGP is basically one of the only ways you can ensure a user can communicate without you being able to access the information. Even with mcrypt, you're going to have the key, so you're going to be able to decrypt their messages.

PGP is easier than ever with things like keybase.io. If you were super serious about security of PMs and your users were too, maybe you'd write a wrapper for your PM interface as a desktop app? Or, more likely, they would probably already use PGP.

So what do we do about private messages for the unwilling zombies who use our sites?

(2016-09-17, 11:23 PM)Nathan Malcolm Wrote: [ -> ]It's probably better to just say "hey, here's how you can encrypt messages, don't send anything in plaintext you wouldn't want your family to read".
If you start applying stronger encryption, you'll likely find that you have to identify that the site has that encryption being applied to messages etc. (an addition to the site's TOS/TOC and legal footers). Otherwise you might end up upsetting one of those government snoop programs that gets annoyed when it comes up against encryption it didn't expect, and that could lead to your sites being targeted as they try to crack it (state-sponsored attacks).

You can of course probably get away with PGP due to how public keys are applied.

The main point with encryption is to consider whether it's worth going to heightened extents if the content that's being encrypted is just a few emojis and some netiquette abbreviations.