Login   Register  
PHP Classes
elePHPant
Icontem

deficiencies

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us

      RSA  >  All threads  >  deficiencies  >  (Un) Subscribe thread alerts  
Subject:deficiencies
Summary:impractical key generation,
Messages:1
Author:arguetests
Date:2009-12-05 15:46:15
 

  1. deficiencies   Reply   Report abuse  
Picture of arguetests
arguetests
2009-12-05 15:46:15
echo"<i>Keys:</i><br />";
$keys = $RSA->generate_keys ('9990454949', '9990450271', 1);

$message="هذا نص عربي بتنسيق مجموعة المحارف العالمية";
$encoded = $RSA->encrypt ($message, $keys[1], $keys[0], 5);
$decoded = $RSA->decrypt ($encoded, $keys[2], $keys[0]);

That's a horrible way to generate keys. It does the easiest part of key generation and leaves the hardest part to the person using the library. Plus, it doesn't provide you any mechanism to load pre-computed keys.

And the method it uses to encrypt and decrypt is about as secure as ECB is for block ciphers. You encrypt a plaintext multiple times and each time get the same ciphertext. PKCS#1 discuses two encryption / decryption methods for which this doesn't hold true, neither of which are implemented by this library.

phpseclib's Crypt_RSA overcomes all of these deficiencies:

http://phpseclib.sourceforge.net/