Hi
On Wed, 20 Mar 2013 11:53:05 +0100 Michael Hamann michael@content-space.de wrote:
> I was alerted that something might be wrong in the Blowfish implementation when a user complained that he couldn't decrypt a text that was encrypted on another system. I found that the ciphertext depends on the system (even if both systems are 64-bit systems).
As phpMyAdmin uses the encryption for temporary data stored in a cookie, this should not be an issue - it should always be the same system that does both the encrypting and the decrypting.
> This loss of precision happens in the calculation of the S-boxes, which means that these S-boxes are most probably less random than they should be. I think the security of the algorithm might be flawed because of this, but I'm not sure. However, at least one thing is clear: this is not Blowfish.
Flawed security sounds bad, though we've always strongly recommended installing mcrypt (in which case this code is not used), so most users should be safe.
> We don't plan to fix the implementation; instead we deprecated it and want to replace it after the current release. http://phpseclib.sourceforge.net/ (AES) is a possible candidate. I assume that regardless of which library we choose the ciphertext will be different, so it doesn't matter if we also switch the block cipher.
Indeed it makes sense to switch to more reliable code. We will consider it as well.