What are the strongest encryption/hashing functions? |
Using CI 3.0 RC2 Encryption library
- What's the strongest functionality to use for string hashing? Can you provide a working example? - What's the strongest functionality to use for string encryption/decryption? Can you provide a working example?
Hashing has nothing to do with encryption and CI_Encryption doesn't provide hashing. But to answer your question: bcrypt, scrypt and pbkdf2 are today's standards for password hashing. The first one is the most accessible and popular in the PHP world, just use the password hashing functions.
There's no "strongest" encryption, but AES-128 is a the de-facto standard everywhere (except maybe in Japan). It's also the default algorithm in CI_Encryption, so all you need is to use a strong key and encrypt()/decrypt() away.
Thanks for your clarification. Here comes two use cases about hashing and encryption/decryption.
- Hash and match a password using PHP functions PHP Code: /* 1. "Register a new password" use case */ - Encrypt and decrypt a string using CI Encryption library PHP Code: $this->load->library('encryption'); The only thing that is not so clear to me is the length of encryption key which has to be exactly or at least of 16 bytes (for AES-128 cipher).
RFC2898DeriveBytes Class
Using RFC2898DeriveBytes with a non trivial iteration count should be better than using a straight hash function for authentication purposes. The Rfc2898DeriveBytes class can be used to produce a derived key from a base key and other parameters. In a password-based key derivation function, the base key is a password and the other parameters are a salt value and an iteration count. More about.......Encryption and Decryption Bang |
Welcome Guest, Not a member yet? Register Sign In |