What is the difference between MCRYPT_RIJNDAEL_128, MCRYPT_RIJNDAEL_256, MCRYPT_BLOWFISH, etc.? Which one is best suited for data transfer on the web?
Rijndael is another name for AES, the current "one good standard" algorithm. The number 128 or 256 is the key length.
Blowfish is a somewhat older 64 bit block cipher (AES is a 128 bit block cipher).
You can't really say that either of them is any "better" or "worse", because none of them has really been broken, but in general AES should be superior, and most implementations are faster too. Also, the most modern CPUs support AES in hardware, which will make it even faster... so there is little reason not to use AES.
As for key length, 128 bits is actually quite sufficient for a symmetric cipher. Unless of course you are the keeper of your country's nuclear weapon codes, in that case you will want to use 256 bit keys instead.
Note that if you want to use a 256 bit key in a sensible manner, then you will need a password of around 40 characters. Which shows once again that the crypto algorithm is not the weak link in the security chain, but the human is.
Edit: On second thought, 50-60 characters is probably a more reasonable guess for the required password length on a 256 bit key. The English language has considerably less than 2 bits of entropy per character. Let's assume you use a somewhat more random character sequence of letters and digits (one must still be able to remember it, though...), so maybe we'll have 4-5 bits of entropy per character (quite optimistic!). That would require you to type in between 51 and 64 characters, so the password's entropy roughly matches the key's.
Now the question is: How many of us have a 50 character password? :-)
Update:
As of late 2011, there exists a key-recovery attack on Rijndael/AES (Bogdanov, Khovratovich, Rechberger) which is not one of the "mostly theoretical" or "hilarious reduced round" kind of attacks. The attack works on full-round AES and is about 4 times faster than brute force. Formally, one may therefore consider Rijndael being "broken".
Practically, the attack is to date irrelevant. Even with the shortest supported key length, an attack four times faster than brute force requires 2^126 operations, which is not practical even with a massive hardware implementation. However, this might change in the future if the attack can be improved.
Both Rijndael and Blowfish are considered to be secure.
MCRYPT_RIJNDAEL_128 vs MCRYPT_RIJNDAEL_256:
The only difference is the block size. You can use either with 128 bit, 192 bit, or 256 bit keys.
Bigger keys take longer to brute-force.
The 256-bit version is therefore more secure.
Note: The 128-bit version still takes lots of time to brute-force.
Currently Rijndael is the Advanced Encryption Standard:
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
AES is generally faster than Blowfish because:
- The algorithm itself is more efficient for processors (bit vs byte blocks).
- Many processors support hardware acceleration for AES.
Conclusions:
- All three options are secure enough for data transfer.
- The choice depends on how 'secret' the data is.
- Rijndael is more widely used and therefore easier to implement in some situations.
The answer(s) to this question stating that, regarding MCRYPT_RIJNDAEL_128 and MCRYPT_RIJNDAEL_256, "The number 128 or 256 is the key length" - this is incorrect. These numbers refer to the blocksize, not the keylength. However, both implementations (using a block size of 128 or 256 bits) can accept keys of 128 or 256 bits.
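An added example (not from any of the answers) of the block-size versus key-length distinction described above, using PHP's OpenSSL extension rather than mcrypt: the three AES variants differ only in key length, while the block stays at 128 bits. AES fixes the Rijndael block size at 128 bits, so MCRYPT_RIJNDAEL_256 (256-bit block) is not AES. The function name `describe_cipher` and the sample plaintext are constructed for this illustration.

```php
<?php
// Added example: key length and block size are independent parameters.
// Cipher names are OpenSSL's; describe_cipher() is a hypothetical helper.
// CBC is used only because its IV is exactly one block long, which makes
// the block size observable; CBC provides no integrity protection by itself.

function describe_cipher(string $cipher, int $keyBytes, string $plaintext): array
{
    $key = random_bytes($keyBytes);

    // In CBC mode the IV length equals the cipher's block size.
    $blockBytes = openssl_cipher_iv_length($cipher);
    $iv = random_bytes($blockBytes);

    $ciphertext = openssl_encrypt($plaintext, $cipher, $key, OPENSSL_RAW_DATA, $iv);
    if ($ciphertext === false) {
        throw new RuntimeException("encryption failed for $cipher");
    }
    $roundTrip = openssl_decrypt($ciphertext, $cipher, $key, OPENSSL_RAW_DATA, $iv);

    return [
        'key_bits'         => $keyBytes * 8,
        'block_bits'       => $blockBytes * 8,
        // Padded up to a whole number of blocks, regardless of key length.
        'ciphertext_bytes' => strlen($ciphertext),
        'round_trip_ok'    => $roundTrip === $plaintext,
    ];
}

// Constructed sample input, longer than one block and shorter than two.
$plaintext = 'constructed sample!!';

$ciphers = ['aes-128-cbc' => 16, 'aes-192-cbc' => 24, 'aes-256-cbc' => 32];
foreach ($ciphers as $cipher => $keyBytes) {
    $r = describe_cipher($cipher, $keyBytes, $plaintext);
    printf(
        "%-12s key=%3d bits  block=%3d bits  ciphertext=%d bytes  round-trip=%s\n",
        $cipher,
        $r['key_bits'],
        $r['block_bits'],
        $r['ciphertext_bytes'],
        $r['round_trip_ok'] ? 'ok' : 'FAILED'
    );
}
```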
It depends on the kind of answer you want: Differences in implementation are a mere programming concern whilst differences in design are usually quite detailed mathematical proofs. Explaining the intricate design differences between several encryption algorithms is possibly beyond the scope of this site. In addition, every algorithm has weaknesses, some known, some not. Specific weaknesses in extant algorithms usually result in their retirement, but there can be ways to work around them (Classic example: DES had a subset of keys that resulted in easily crackable code. The workaround was to not use those keys.).
RSA is an asymmetric encryption algorithm with a maximum key length of 2048 for proposed year 2030. AES is a symmetric algorithm with a maximum key size of 256 bits for proposed year 2015. Serpent is also a symmetric encryption algorithm, with a key size of 256 and proposed year 2015.