A project of mine requires encrypting the user ID and transmitting it to the next node for decryption (forgive me for not revealing too much -_-!). The first thing that came to mind was a function in Comsenz UCenter, and then I searched and found a simple method on Simple Magic. So I integrated them and formed the function I use.
1. Symmetric encryption
The sender uses the key and algorithm to process the plaintext into ciphertext and send it out. The recipient uses the key and algorithm to process the ciphertext into plaintext, and both parties use the same key to encrypt and decrypt the data.
Since the same key is used for encryption and decryption, the security is not only related to the algorithm, but also to the security of the key.
Of course, a more complex key is not always better; on the contrary, the key is usually kept small. A larger key gives stronger encryption, but it also makes encryption and decryption slower, so the key size has to balance security and efficiency.
After all, the characteristics of symmetric encryption algorithms are that the algorithm is public, the amount of computation is small, encryption is fast, and efficiency is high. Without the advantage of high efficiency, one might as well use asymmetric encryption directly.
In addition, each pair of users needs to use a unique key that others do not know when using the symmetric encryption algorithm, which will cause the number of keys possessed by the sender and receiver to increase geometrically, making key management a burden for users.
The use of symmetric encryption algorithms in distributed network systems is relatively difficult, mainly because of the difficulty in key management and the high cost of use.
2. Asymmetric encryption
Compared to symmetric encryption, asymmetric encryption is much safer. It uses a pair of keys, the public key and the private key, which are used for encryption and decryption respectively. The private key can only be safely kept by one party and cannot be leaked, while the public key can be sent to anyone who requests it.
The most common uses of asymmetric encryption are probably banking systems and payment platforms. For example, when we apply for the Alipay or UnionPay payment interface, we get a public key. When a payment is made in the mall, the information is encrypted with the public key and submitted to the platform. The platform uses the private key to decrypt the information and performs the payment operations.
Although asymmetric encryption is very secure, it is much slower than symmetric encryption. Therefore, in practice we mostly use symmetric encryption to send messages, while the key used for symmetric encryption is sent using asymmetric encryption. Think back to the payment interface you applied for: didn't it give you a pair of keys? ^.^
3. Combined use
Symmetric encryption is fast and suitable for sending a large amount of data. Asymmetric encryption is time-consuming and slow in encryption and decryption, and is only suitable for encrypting a small amount of data. However, the security of asymmetric encryption is extremely high.
To play to the strengths of each and avoid their weaknesses: encrypt the symmetric key with the public key of the asymmetric scheme and send it out. The recipient decrypts it with the private key to obtain the symmetric key, and then both parties can communicate using symmetric encryption.
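The combined scheme described above, as an added example (not code from the original article, UCenter or Simple Magic). It assumes PHP 7.1+ with the OpenSSL extension; the function names, the RSA-2048/OAEP and AES-256-GCM choices and the sample message are this example's own.

```php
<?php
// Added example: hybrid encryption with PHP's OpenSSL extension.
// Key size, cipher and sample message are illustrative choices.

// Recipient: generate an RSA key pair once and hand out only the public key.
$pair = openssl_pkey_new([
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
    'private_key_bits' => 2048,
]);
if ($pair === false) {
    throw new RuntimeException('RSA key generation failed');
}
$publicPem = openssl_pkey_get_details($pair)['key'];

// Sender: encrypt the data with a fresh symmetric key, then wrap that key
// with the recipient's public key.
function hybrid_encrypt(string $plain, string $publicPem): array
{
    $key = random_bytes(32);   // one-time AES-256 key
    $iv  = random_bytes(12);   // 96-bit GCM nonce
    $ct  = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false
        || !openssl_public_encrypt($key, $wrapped, $publicPem, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('encryption failed');
    }
    return ['wrapped_key' => $wrapped, 'iv' => $iv, 'tag' => $tag, 'ciphertext' => $ct];
}

// Recipient: unwrap the symmetric key with the private key, then decrypt.
function hybrid_decrypt(array $msg, $privateKey): string
{
    if (!openssl_private_decrypt($msg['wrapped_key'], $key, $privateKey, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('key unwrap failed');
    }
    $plain = openssl_decrypt($msg['ciphertext'], 'aes-256-gcm', $key,
        OPENSSL_RAW_DATA, $msg['iv'], $msg['tag']);
    if ($plain === false) {
        throw new RuntimeException('ciphertext failed authentication');
    }
    return $plain;
}

$msg = hybrid_encrypt('user_id=10086', $publicPem);   // constructed sample data
echo hybrid_decrypt($msg, $pair), PHP_EOL;
```

Only the 32-byte symmetric key goes through RSA; the message itself, whatever its size, is handled by the fast symmetric cipher.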
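I can't disclose the method used in the project, so I will just list two other examples here. The first one is from UCenter, and the second one is something I saw on Simple Magic.
Note that because the result is base64-encoded, the encrypted string may contain + or /, which is not URL-friendly. If it is used in a URL, you can handle this outside the function or modify the function itself: validate the result with a regular expression and call the function again recursively.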
/**
 * String encryption and decryption function
 * @param string $string    plaintext or ciphertext
 * @param string $operation operation (ENCODE | DECODE), default DECODE
 * @param string $key       secret key
 * @param int    $expiry    ciphertext lifetime in seconds, used when encrypting; 0 means valid forever
 * @return string the plaintext, or the ciphertext after base64_encode
 */
function _authcode($string, $operation = 'DECODE', $key = 'Ruesin', $expiry = 0)
{
    // Length of the random per-message prefix ($keyc); 0 disables it
    $ckey_length = 4;
    $key = md5($key);
    $keya = md5(substr($key, 0, 16));   // used to derive the cipher key
    $keyb = md5(substr($key, 16, 16));  // used for the integrity check
    $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length) : substr(md5(microtime()), -$ckey_length)) : '';
    $cryptkey = $keya . md5($keya . $keyc);
    $key_length = strlen($cryptkey);
    // Plaintext layout before encryption: 10-digit expiry time + 16-char check value + data
    $string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0) . substr(md5($string . $keyb), 0, 16) . $string;
    $string_length = strlen($string);
    $result = '';
    $box = range(0, 255);
    $rndkey = array();
    for ($i = 0; $i <= 255; $i++) {
        $rndkey[$i] = ord($cryptkey[$i % $key_length]);
    }
    // Shuffle the 256-entry box using the key
    for ($j = $i = 0; $i < 256; $i++) {
        $j = ($j + $box[$i] + $rndkey[$i]) % 256;
        $tmp = $box[$i];
        $box[$i] = $box[$j];
        $box[$j] = $tmp;
    }
    // XOR every byte of the input with the generated keystream
    for ($a = $j = $i = 0; $i < $string_length; $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $box[$a]) % 256;
        $tmp = $box[$a];
        $box[$a] = $box[$j];
        $box[$j] = $tmp;
        $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    }
    if ($operation == 'DECODE') {
        // Accept only if not expired and the check value matches
        if ((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26) . $keyb), 0, 16)) {
            return substr($result, 26);
        } else {
            return '';
        }
    } else {
        return $keyc . str_replace('=', '', base64_encode($result));
    }
}
/*********************************************************************
Function Name: encrypt
Function Purpose: Encrypt or decrypt strings
Usage Method:
    Encryption: encrypt('str', 'E', 'nowamagic');
    Decryption: encrypt('The encrypted string', 'D', 'nowamagic');
Parameter Description:
    $string:    The string to be encrypted or decrypted
    $operation: Determines whether it is encryption or decryption: E: Encryption, D: Decryption
    $key:       The encryption key (secret key)
*********************************************************************/
function encrypt($string, $operation, $key = '')
{
    $key = md5($key);
    $key_length = strlen($key);
    // When encrypting, prepend an 8-character check value to the data
    $string = $operation == 'D' ? base64_decode($string) : substr(md5($string . $key), 0, 8) . $string;
    $string_length = strlen($string);
    $rndkey = $box = array();
    $result = '';
    for ($i = 0; $i <= 255; $i++) {
        $rndkey[$i] = ord($key[$i % $key_length]);
        $box[$i] = $i;
    }
    // Shuffle the 256-entry box using the key
    for ($j = $i = 0; $i < 256; $i++) {
        $j = ($j + $box[$i] + $rndkey[$i]) % 256;
        $tmp = $box[$i];
        $box[$i] = $box[$j];
        $box[$j] = $tmp;
    }
    // XOR every byte of the input with the generated keystream
    for ($a = $j = $i = 0; $i < $string_length; $i++) {
        $a = ($a + 1) % 256;
        $j = ($j + $box[$a]) % 256;
        $tmp = $box[$a];
        $box[$a] = $box[$j];
        $box[$j] = $tmp;
        $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    }
    if ($operation == 'D') {
        // Accept only if the check value matches
        if (substr($result, 0, 8) == substr(md5(substr($result, 8) . $key), 0, 8)) {
            return substr($result, 8);
        } else {
            return '';
        }
    } else {
        return str_replace('=', '', base64_encode($result));
    }
}
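For the same task of passing an encrypted user ID to another node, the following added example (not from the original article, UCenter or Simple Magic) uses AES-256-GCM from PHP's OpenSSL extension and a URL-safe base64 alphabet, so the token never contains + or / and still carries an expiry time like `$expiry` in `_authcode`. The function names and token layout are assumptions of this example; it needs 64-bit PHP 7.1+.

```php
<?php
// Added example: URL-safe, expiring token for a user ID using AES-256-GCM.
// Function names and the token layout are assumptions of this example.

function b64url_encode(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function b64url_decode(string $txt)   // returns string, or false on invalid input
{
    return base64_decode(strtr($txt, '-_', '+/'), true);
}

function token_encode(string $userId, string $key, int $ttl = 0): string
{
    $expires = $ttl > 0 ? time() + $ttl : 0;        // 0 = never expires
    $iv = random_bytes(12);                         // fresh nonce for every token
    $ct = openssl_encrypt(pack('J', $expires) . $userId, 'aes-256-gcm', $key,
        OPENSSL_RAW_DATA, $iv, $tag);
    return b64url_encode($iv . $tag . $ct);         // layout: iv(12) | tag(16) | ciphertext
}

function token_decode(string $token, string $key): ?string
{
    $raw = b64url_decode($token);
    if ($raw === false || strlen($raw) < 36) {      // 12 + 16 + 8 bytes minimum
        return null;
    }
    $plain = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key,
        OPENSSL_RAW_DATA, substr($raw, 0, 12), substr($raw, 12, 16));
    if ($plain === false) {
        return null;                                // wrong key or modified token
    }
    $expires = unpack('J', $plain)[1];              // 8-byte big-endian timestamp
    if ($expires !== 0 && $expires < time()) {
        return null;                                // expired
    }
    return substr($plain, 8);
}

$key = random_bytes(32);                            // shared 256-bit key (constructed)
$token = token_encode('10086', $key, 300);          // constructed user ID, 5-minute lifetime
var_dump(preg_match('/^[A-Za-z0-9_-]+$/', $token) === 1, token_decode($token, $key));
```

Because the GCM tag covers the expiry time as well as the user ID, a token whose timestamp has been altered fails decryption instead of being accepted with a longer lifetime.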