Page 1 of 1

Encryption in php core?

Posted: Mon Aug 22, 2005 10:08 am
by Roja
During a discussion, Feyd brought up the idea of having a public discussion about the lack of secure encryption functions in php's core.

Mcrypt is of course an extension to php - one that is often not installed. Crypt, on the other hand, is a core function, but as we've discussed in other threads, the options available in crypt are generally considered not secure enough.

The net result for programmers targetting a wide audience that may or may not have mcrypt installed, is that you have to include replacement PHP functions for any secure crypt you want to do.

I'm curious how many members here consider crypt a critical function that needs to be included in the core of PHP (ie, not an extension).

The PHP internals group is discussing wishlist ideas for PHP6, so now would be an ideal time to mention it as an idea.

Share your thoughts on the idea, please.

Posted: Mon Aug 22, 2005 10:18 am
by feyd
with growing problems and concerns over security in the IT sector, it feels very odd that they wouldn't place these types of functions in the core. Hell, at some point SHA256 won't even be all that secure. That time isn't probably as far off as we hope it is either, although it is exponentially more difficult to brute force than MD5 and SHA1 I'd imagine.

The point is, if we want secure sites/scripts, we need these functions to always be available. In order for that to happen, they need to be built into the core of php like MD5 and SHA1 are right now. I feel SHA256 is a good addition, but I'd go even further including far higher bit level ones, such as 512 and 1024 to cover future expansion and growth in security requirements.

If need be, I'll build a C version of my SHA256 routine to help them along, although there are several C builds of it out there already.

Posted: Mon Aug 22, 2005 10:35 am
by nielsene
I agree. Strong cryptographic tools should be a part of the core PHP install.

It should include:
Simple Hashing (as PHP currently does via SHA1 and MD5)
Keyed Hashing (HMACs)
symmetric de/ encryption (aka mcrypt, probably with a suitable "common use wrapper/simpler interface as well as the full version)
asymmetric de/encryption (aka openssl or similar again with some "general purpose" wrapper comamnds for the various main tasks (signing, verifiying a signature, encrpytion, etc)

This functionality needs to be common and shared across all installs of the language so that application developers can focus on using the correct tool, and not on what tool might be available.