Encryption principle: Using different encryption algorithms to add salt encryption processing of strings.
- To prevent the ciphertext from being MD5 by the dictionary for reverse brute force cracking.
The encryption Algorithm (RFC 4357), issued by the U.S. National Security Agency (NSA), is used to encrypt the encryption algorithm created by itself to avoid security vulnerabilities.
The following is the implementation code based on the YII framework.
<?
Php/** * Password encryption algorithm * Encrypt different cryptographic algorithms using different types of ciphers * @author yagas<[email protected]> * @url http://blog.c Sdn.net/yagas * @version 0.1 * @example: * $passwd = new Tpassword (Tpassword::userpassword); * $passwd->encode ("123456"); * $passwd->ckechpassword ("xxxxxx", "123456"); */ class tpassword extends CModel { /** * Password Salt length * @var int */ Private $_satlslen=5;/** * Salt offset value in ciphertext * @var int */ Private $_offset=Ten;/** * Cryptographic algorithm name * @var string */ Private $_passwordtype;/** * Member Login password * @var string * * ConstUserPassword ="sha224";/** * Login password * @var string * * ConstAdminPassword ="snefru256";/** * Pay password * @var string */ ConstPaypassword ="haval128,3"; Public function __construct( $passwordType ) { $this->_passwordtype =$passwordType; } Public function attributenames() { return Array(); }/** * Encrypt String * @param string $password strings that need to be encrypted * @param string $satls crypto Salt * @return String cipher * / Public function encode( $password, $satls=null) { if(Is_null ($satls) ) {$satls="'; while(Strlen ($satls) >$this->_satlslen) {$i= Mt_rand ( $, -);$satls. = Chr ($i); } }$password= Hash ($this->_passwordtype,$password.$satls);$password= MD5 ($password);$newPassword= substr ($password,0,$this->_offset);$newPassword. = Strtolower ($satls) . Substr$password,$this->_offset);returnSubstr$newPassword,0, +); }/** * Verify that the password is correct * @param string $securtyString key * @param string $password password * @return Boolean * / Public function checkpassword( $securtyString, $password ) { $satls= substr ($securtyString,$this->_offset,$this->_satlslen);$password=$this->encode ($password, Strtoupper ($satls) );return $securtyString==$password; }}
Algorithms for password encryption