I plan to write a server-side web application for storing passwords (there are existing systems, I know, but the task was set to gain experience). The question has come down to the choice of a crypto algorithm. I confess, honestly, that I don’t understand them well, and I have yet to study everything thoroughly. I need an algorithm that would encrypt the data into a form convenient for storage in MySQL, but it follows from the task that the reverse result also needs to be obtained. Well, I think you understand me. Please help with a choice in terms of cryptographic strength, preferably with arguments.

  • Is the “reverse result” the original password? If so, the question is: why? - a_gura
  • Well, it depends on what is meant by the opposite result. If decryption has to be possible by definition, then especially cool encryption is not required (what does the “coolness” of the encryption level even mean?). By the same token, you can apply base64_encode / base64_decode, only with the result "multiplied" by a couple of salts known only to those people who should have the right to know the reverse procedure. The method is quite seriously used on commercial platforms. P.S. ... or clarify the task - void
  • I do not know what the author meant, but I would present it as the task of storing short, independent words in an encrypted form. I.e., imagine that these passwords are not for the server on which they are stored, and they are never checked on it. They are simply sent to the server, stored encrypted and can be requested by the author (owner) in decrypted form. Accordingly, we need some kind of reliable scheme (including the management of encryption keys) for their encryption, transfer, storage and decryption by the owner. Naturally, these considerations are just a telepathy session :) - avp
  • Something in the LastPass category? Encrypt the password with a public key; there are RSA libraries for JS. The private key can also be stored on the server, password-protected. - zb '

1 answer

You need to look in the direction of symmetric block ciphers (it would take a long time to explain why). And there are not that many of them. DES (easily decrypted), AES (they say there is a backdoor, though I don’t believe it), BlowFish is kind of weak, Anubis, IDEA is what you need. All the others are variations of these algorithms to some extent (there are certainly exotic ones, but you would still need to look for their implementations).

I personally would not bother too much and would take AES (implemented everywhere); I would just pay special attention to the block chaining mode, which is the weak point of any block algorithm. Block algorithms encrypt information in blocks of 64/128, etc. bits; in order to avoid an attack on a mask, these blocks need to be mixed with something and chained together. This is called the chaining mode / mode of operation. I recommend CBC mode: as simple as a Kalashnikov assault rifle, and with sufficient destructive force.

  • "I personally would not bother too much and would take AES (implemented everywhere)". I compared the Google results on the subject of AES and Anubis: the first returns much more about hacking attempts. I think this can be considered a factor ... The system is such that only encrypted data is stored in MySQL. Hypothetically, if a hacker gets the database, he will get little benefit without the key. Anubis is somehow more appealing to me; it is less well-known, but that is its advantage. If a cracker tries to break it, there will be less information in his arsenal, or so I think ... Thank you very much, you helped me. - Andrei Talanin September
  • I also sympathize with Anubis, I even know the developers ... I do not know in what environment you will be implementing encryption, but you will have to tinker with Anubis. It is absent in standard libs. - Barmaley
  • PHP; I found a class for working with Anubis on GitHub. github.com/kolonist/php-anubis - Andrey Talanin September
  • @Andrei Talanin, before applying, check for Anubis test vectors - they lie here - Barmaley
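
An added example, not part of the original answer or comments: reversible storage with AES in CBC mode through PHP's OpenSSL extension, using a fresh random IV per record. It goes one step beyond the answer by adding an HMAC-SHA256 tag, because CBC by itself does not detect modified ciphertext. The function names, record layout and sample values are assumptions made for this sketch.

```php
<?php
// Hypothetical helpers (not from the page). Record layout: base64(IV || HMAC tag || ciphertext).
const CIPHER = 'aes-256-cbc';
function encrypt_record(string $plaintext, string $encKey, string $macKey): string
{
    $iv = random_bytes(openssl_cipher_iv_length(CIPHER)); // 16 bytes, fresh per record
    $ct = openssl_encrypt($plaintext, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    // CBC alone gives no integrity, so authenticate IV and ciphertext together.
    $tag = hash_hmac('sha256', $iv . $ct, $macKey, true);
    return base64_encode($iv . $tag . $ct); // safe for a VARCHAR/TEXT column
}

function decrypt_record(string $stored, string $encKey, string $macKey): string
{
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < 16 + 32 + 16) {
        throw new RuntimeException('malformed record');
    }
    $iv  = substr($raw, 0, 16);
    $tag = substr($raw, 16, 32);
    $ct  = substr($raw, 48);
    // Check the tag in constant time before decrypting anything.
    if (!hash_equals(hash_hmac('sha256', $iv . $ct, $macKey, true), $tag)) {
        throw new RuntimeException('record modified or wrong key');
    }
    $pt = openssl_decrypt($ct, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($pt === false) {
        throw new RuntimeException('decryption failed');
    }
    return $pt;
}

// Constructed sample keys and password; real keys must live outside the database.
$encKey = random_bytes(32);
$macKey = random_bytes(32);
$a = encrypt_record('correct horse battery staple', $encKey, $macKey);
$b = encrypt_record('correct horse battery staple', $encKey, $macKey);
var_dump($a !== $b);                            // random IV: equal passwords, different rows
var_dump(decrypt_record($a, $encKey, $macKey)); // round trip back to the plaintext
$raw = base64_decode($a);
$raw[60] = chr(ord($raw[60]) ^ 1);              // flip one bit inside the ciphertext
try {
    decrypt_record(base64_encode($raw), $encKey, $macKey);
} catch (RuntimeException $e) {
    echo $e->getMessage(), PHP_EOL;             // tampered record is rejected
}
```

The two keys are independent 32-byte values; a dump of the MySQL table alone contains neither of them.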