1

I'm learning encryption and using openssl_encrypt in PHP. I have encryption and decryption working with 2 functions, respectively. I simply pass the data to be encrypted/decrypted, and a unique ID that belongs to the user. The function returns the encrypted/decrypted data.

When the function is called, I get a PHP warning saying "openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended".

I've read a little about IV's and am trying to understand if an IV is necessary in this case if I am using a unique key for each encrypted data set:

My encrypt function is setup like this:

function EncryptData($inputString,$uniqueID)
{

global $encryptKey;  // Pulls out encryption key stored in a separate file
$method = 'aes256';  //Encryption Method

return openssl_encrypt($inputString,$method,$encryptKey.$uniqueID);

}

The decrypt function is nearly identical, except it decrypts instead and returns the data.

Notice that I combine the global encryption key with the user's unique ID to generate a combined key. This ensures that the key for every user is unique. Hence, this should also ensure that the encrypted data is also unique for separate users, even if the unencrypted values are identical, correct? If so, then is an IV necessary in this case? Is there an advantage to still using an IV or a disadvantage to not using an IV here?

SudoKill
  • 165
  • 3
  • 9

3 Answers3

1

Is an Initialization Vector necessary if using different keys for each encrypted data set?

It depends on the mode. For ECB mode, no. In fact ECB mode does not take an IV. However, as soon as you encrypt data that is larger than the block size, you loose semantic security. That is, anything over the cipher's block size will leak information. See the picture of Tux at Block Cipher Modes of Operation.

Other modes, such as CBC, OFC, FBC, CTR and the others require an IV. The IV requirements differ among the modes, though. Some allow a unique IV, others require random IV, and some forbid reuse of an IV within a key.

As for your warning: just use a random IV with each encryption and you will avoid most of the pitfalls. If you re-encrypt a decrypted message, then use a fresh IV.

Is there an advantage to still using an IV or a disadvantage to not using an IV here?

Two messages encrypted under the same user will produce the same cipher text if the messages are the same. You've leaked information, and lost semantic security.

jww
  • 97,681
  • 90
  • 411
  • 885
0

This question may help you. It is provide semantic security to the encryption where repeated use of same key will not reveal information to the attacker.

Community
  • 1
  • 1
doptimusprime
  • 9,115
  • 6
  • 52
  • 90
0

If you encrypt more than one message with the same key (like two encrypted message for the same user, in your case), you ought to use a different IV each time.

The reason is that two messages that starts with the same data (within each encryption block, 16 bytes for AES), would also look the same in encrypted form when using the same IV.

Two encrypted messages that starts with the same sequence, reveals information about the encrypted data.

Ebbe M. Pedersen
  • 7,250
  • 3
  • 27
  • 47