13.13 Encryption

With the mcrypt extension, you can encrypt and decrypt data using a variety of popular algorithms such as Blowfish, Triple DES, and Twofish. Example 13-17 encrypts and decrypts a string with Blowfish.

Example 13-17. Encrypting and decrypting with mcrypt

// The string to encrypt
$data = 'Account number: 213-1158238-23; PIN: 2837';
// The secret key to encrypt it with
$key  = "Perhaps Looking-glass milk isn't good to drink";

// Select an algorithm and encryption mode
$algorithm = MCRYPT_BLOWFISH;
$mode = MCRYPT_MODE_CBC;
// Create an initialization vector
$iv = mcrypt_create_iv(mcrypt_get_iv_size($algorithm,$mode),
                       MCRYPT_DEV_URANDOM);

// Encrypt the data
$encrypted_data = mcrypt_encrypt($algorithm, $key, $data, $mode, $iv);

// Decrypt the data
$decrypted_data = mcrypt_decrypt($algorithm, $key, $encrypted_data, $mode, $iv);

print "The decoded data is $decrypted_data";

Example 13-17 prints:

The decoded data is Account number: 213-1158238-23; PIN: 2837

Read about mcrypt in PHP Cookbook, Recipes 14.7, 14.8, and 14.9, and in the PHP Manual (http://www.php.net/mcrypt). Just as a fancy lock on your front door doesn't do much if your house is made of clear plastic sheeting, the most robust encryption algorithm is just one part of a comprehensively secure program. To learn more about computer security and encryption, read Practical Unix & Internet Security by Simson Garfinkel, Alan Schwartz, and Gene Spafford (O'Reilly) and Applied Cryptography by Bruce Schneier (John Wiley and Sons).