|I'm not a cryptologist, and from a brief look at the class, neither is|
"Home grown" encryption is dangerous, far more so than no encryption at
all, because it may lead the unwary into thinking they are safe, and
thus behave accordingly.
From the looks of it, the algorithm used in this class is not just weak,
it's nothing more than a glorified character substitution cipher. They
stopped being used some time before the first World War.
It doesn't matter that it is the key that is modified.
Unless the author can provide reviewed documentation for the actual algorithm used, I'd suggest that no one even try to use this in any real implementations.
|2014-04-07 11:58:18 - In reply to message 1 from Asbjorn Grandt|
|A friend of mine put a name on this approach, and it is worse than I suspected.|
It is merely a variation of the Vigenère cipher.
|2014-04-07 13:11:12 - In reply to message 2 from Asbjorn Grandt|
1) I was not aware of the cipher, so thanks for posting it
2) Since you had mentioned you are not a cryptologist, I can understand your immediate fear of using some non-standard/non-commercial versions
3) But please note that there is nothing like unbreakable encryption, the difference is the time (Big-0) required to break an encryption
4) All standard algorithms use a public-private key (asymmetrical) encryption and the brute-force required to break it increases exponentially with the length of key and so we have 128-bit, 256-bit etc.,
5) But a symmetric key like this package is different and is much more difficult to break with brute-force , but unfortunately they can be used only in closed networks and not in public networks for obvious reasons
6) I think that this algorithm is also quite difficult to break because here we are not deriving keys as a mathematical functions of constant nature but as continuously varying element depending on content.
7) But having said that I will also like to hear a non-passionate, non-assuming more scientific feedback of the time complexity required to break this algorithm from someone, just for my own confirmation.
|2014-04-07 14:30:00 - In reply to message 3 from Subramanian|
|Few attackers uses brute force on the cipher itself, if anything they'll attack the password people choose to protect their keys instead.|
And believe it or not, but public key ciphers often uses a symmetric key cipher as well. They use the very slow public key to protect the symmetric key, which is embedded in the cipher text, then use that key to decrypt the rest, or they use the public key to negotiate a symmetric key to protect the remaining communication.
The reason brute force is not feasible, is that they are designed to take what amounts to the combined current computational power of the planet no less that billions of years to have even a reasonable chance of succeeds. Some of the true "Telescopic Encryptions" (multiple ciphers chained in serial) can reasonably talk about a brute force time to attack that exceeds the heat death of the universe. (100+ trillion years from now)
The main concern with ciphers today is analytic attacks, and here ciphers, like the Vigenère cipher, has a series of known weaknesses, making these attacks somewhat routine. If they didn't have these known weaknesses, they'd still be in use today.
Just because I'm not a professional cryptographer, doesn't mean I don't know, or at least have a very good idea of what I'm talking about.
What you should have done instead, was to use the build in cryptographic packages in PHP, and used those to chain a series of encryption steps, and a salt value to change the password between the steps. For instance chain Twofish->AES256. Even if AES256 does have a theoretical weakness, none have been shown in practice. Yet.
Will it be fast? Not even close. But execution time is also an important of the process.
The benefit will be that if you do it right, people will have an easier time of using encryption, as most cryptographic packages are a little cumbersome on their own.