[Phpmyadmin-devel] Blowfish implementation might be broken
Michal Čihař
michal at cihar.com
Wed Mar 20 13:58:24 CET 2013
Hi
Dne Wed, 20 Mar 2013 11:53:05 +0100
Michael Hamann <michael at content-space.de> napsal(a):
> I was alerted that something might be wrong in the Blowfish
> implementation when a user complained that he couldn't decrypt a text
> that was encrypted on another system. I found that the ciphertext
> depends on the system (even if both systems are 64 bit systems).
As phpMyAdmin uses the encryption for temporary data stored in cookie,
this should not be an issue - it should be always same system that does
both encrypting and decrypting.
> This loss of precision happens in the calculation of the S-boxes which
> means that these S-boxes are most probably less random than they
> should be. I think the security of the algorithm might be flawed
> because of this but I'm not sure. However at least one thing is clear:
> this is not Blowfish.
Flawed security sounds bad, though we've always strongly recommended to
install mcrypt (in which case this code is not used), so most users
should be safe.
> We don't plan to fix the implementation, instead we deprecated it and
> want to replace it after the current release,
> http://phpseclib.sourceforge.net/ (AES) is a possible candidate. I
> assume that regardless which library we choose the ciphertext will be
> different so it doesn't matter if we also switch the block cipher.
Indeed it makes sense to switch to more reliable code. We will consider
it as well.
--
Michal Čihař | http://cihar.com | http://blog.cihar.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.phpmyadmin.net/pipermail/developers/attachments/20130320/a06ae714/attachment.sig>
More information about the Developers
mailing list