ioleo / cryptomute Goto Github PK

We need to add a cipher method that does not require IV and test if current code base supports it.

Where do I set the Length of Encrypted output? I cannot see it in the docs

An idea for a better API is to add $key and $password parameters to encrypt and decrypt methods as optional arguments and remove them from constructor.

Currently the cipher operates on 2n powers of 2, becouse to produce a balanced feistel cipher an even number of bits (divisible into 2) is required. However this costs performance, becouse to make sure the output is smaller than maxValue we have to repeat encryption/decryption until the result fits.
The larger the gap between 0 and minValue and maxValue and 2n - the more iterations on average it will take.

Luby and Rackoff have proved that if we use the next power of 2 greater or equal to maxValue the number of operations (on average) required to produce the result will be 2.

Current implementation uses the "closest EVEN" power of 2.

This is probably not a big issue, as this library is blazingly fast anyways, but should be investigated.

Current tests could probably be improved to cover wider range of possible input data.
Exceptions thrown on invalid input should be tested.

Firstly, thanks for a great package, I came across this from another package (I don't remember which) that was itself linked to from Hashids, so I'm hoping this turns out to be faster than both of them.

I know in another post you said something along the lines of "there are no collision rates", and I wanted to confirm whether that was limited to the context of that thread or whether it generally applies to Cryptomute hashes. Is the output guaranteed to always be free of collisions no matter what?

I'm looking to generate unique user-facing IDs using primary keys in a database as input, limited to 8 digits. I selected the aes-192-ecb cipher which doesn't have an IV, and set a range of 0, 99999999 for the length, plus padding. Can I expect this function to return none or low collisions, and would using a short password affect this? For that matter, is it a good idea to use another dynamic value in the database (such as email?) as a dynamic password, or does the password need to remain static?

I'm trying to encrypt ids that are in the hundreds of millions (9 digits) into an 8 digit integer. The encrypt function works fine. The decrypt function does not decrypt to the correct input. If I increase the ValueRange from 8 to 9 digits decrypt works.

I'm not well versed in the algorithm used so it could be that this just an inherent limitation that I'm not aware of.

Example of the issue:

$cryptomute = new Cryptomute(
    'aes-128-cbc',      // cipher
    '0123456789zxcvbn', // base key
    7                   // number of rounds
);

// doesn't work
$cryptomute->setValueRange(0, 99999999);
// does work
//$cryptomute->setValueRange(0, 999999999);

$password = '0123456789qwerty';
$iv = '0123456789abcdef';

for ($i = 100000000; $i <= 100000010; $i++) {
    $encoded = $cryptomute->encrypt($i, 10, true, $password, $iv);
    $decoded = $cryptomute->decrypt($encoded, 10, true, $password, $iv);
    echo "ID: ".$i." DECODED: ".$decoded." ENCODED: ".$encoded."<br>";
}

GMP is sort of non-standard; even Google Cloud Platform's PHP runtime doesn't support it. Are there any plans to convert this to fallback to BCMath if GMP isn't available?

the line

        if (gmp_cmp($maxValue, $minValue) !== 1) {
            throw new InvalidArgumentException('Max value must be greater than min value.');
        }

keep called in my case making it hard for me to use it. The result of comparison in my case is 2 which is valid. The manual says of gmp_cmp

Returns a positive value if a > b, zero if a = b and a negative value if a < b.

So 2 is valid but you are checking for 1 only instead of positive numbers. Commenting out that one everything works great

I found probably an unusual, but beautiful use case for cryptomute - generating obfuscated same length public ids from a serial integer.

However, it's not written anywhere so I wanted to ask if there is a uniqueness guarantee given that max range value is big enough?

(I'm not concerned with the security of encrypted values, just its uniqueness for a unique set of numbers)

The composer.json states that this nice library is compatible with PHP 5.4, however gmp_import and gmp_export functions are PHP 5 >= 5.6.1

The code below will fix this:

if (!function_exists('gmp_import')) {
    function gmp_import($data)
    {
        return gmp_init(bin2hex($data), 16);
    }
}
if (!function_exists('gmp_export')) {
    function gmp_export($gmpnumber)
    {
        return hex2bin(gmp_strval($gmpnumber, 16));
    }
}