Encryption in php core?

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Encryption in php core?

Post by Roja »

During a discussion, Feyd brought up the idea of having a public discussion about the lack of secure encryption functions in php's core.

Mcrypt is of course an extension to php - one that is often not installed. Crypt, on the other hand, is a core function, but as we've discussed in other threads, the options available in crypt are generally considered not secure enough.

The net result for programmers targetting a wide audience that may or may not have mcrypt installed, is that you have to include replacement PHP functions for any secure crypt you want to do.

I'm curious how many members here consider crypt a critical function that needs to be included in the core of PHP (ie, not an extension).

The PHP internals group is discussing wishlist ideas for PHP6, so now would be an ideal time to mention it as an idea.

Share your thoughts on the idea, please.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

with growing problems and concerns over security in the IT sector, it feels very odd that they wouldn't place these types of functions in the core. Hell, at some point SHA256 won't even be all that secure. That time isn't probably as far off as we hope it is either, although it is exponentially more difficult to brute force than MD5 and SHA1 I'd imagine.

The point is, if we want secure sites/scripts, we need these functions to always be available. In order for that to happen, they need to be built into the core of php like MD5 and SHA1 are right now. I feel SHA256 is a good addition, but I'd go even further including far higher bit level ones, such as 512 and 1024 to cover future expansion and growth in security requirements.

If need be, I'll build a C version of my SHA256 routine to help them along, although there are several C builds of it out there already.
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

I agree. Strong cryptographic tools should be a part of the core PHP install.

It should include:
Simple Hashing (as PHP currently does via SHA1 and MD5)
Keyed Hashing (HMACs)
symmetric de/ encryption (aka mcrypt, probably with a suitable "common use wrapper/simpler interface as well as the full version)
asymmetric de/encryption (aka openssl or similar again with some "general purpose" wrapper comamnds for the various main tasks (signing, verifiying a signature, encrpytion, etc)

This functionality needs to be common and shared across all installs of the language so that application developers can focus on using the correct tool, and not on what tool might be available.
Post Reply