Analysis of the Principle of the discuz program's PHP encryption function

The principle is as follows:
Encryption
Plaintext: 1010 1001
Key: 1110 0011
Ciphertext: 0100 1010
The ciphertext 0100 1010 is obtained, and the decryption must be different from the key or lower.
Decryption
Ciphertext: 0100 1010
Key: 1110 0011
Plaintext: 1010 1001
There is no advanced algorithm, and the key is very important. The key is how to generate the key.
Let's take a look at how kangsheng's authcode works.
Copy codeThe Code is as follows:
// Parameter description
// $ String: plaintext or ciphertext
// $ Operation: DECODE indicates decryption, and others indicates Encryption
// $ Key: key
// $ Expiry: ciphertext Validity Period
Function authcode ($ string, $ operation = 'decode', $ key = '', $ expiry = 0 ){
// The length of the dynamic key. Different ciphertext values are generated for the same plaintext based on the dynamic key.
$ Ckey_length = 4;

// Key
$ Key = md5 ($ key? $ Key: $ GLOBALS ['discuz _ auth_key ']);

// Key a is used for encryption and decryption.
$ Keya = md5 (substr ($ key, 0, 16 ));
// Key B is used for data integrity verification.
$ Keyb = md5 (substr ($ key, 16, 16 ));
// Key c is used to change the generated ciphertext
$ Keyc = $ ckey_length? ($ Operation = 'decode '? Substr ($ string, 0, $ ckey_length ):
Substr (md5 (microtime (),-$ ckey_length )):'';
// Key used for calculation
$ Cryptkey = $ keya. md5 ($ keya. $ keyc );
$ Key_length = strlen ($ cryptkey );
// Plaintext. The first 10 digits are used to save the timestamp. Data Validity is verified during decryption, and 10 to 26 digits are used to save $ keyb (Key B). Data integrity is verified through this key during decryption.
// If it is decoded, it starts from the $ ckey_length bit, because the $ ckey_length bit before the ciphertext stores the dynamic key to ensure correct decryption.
$ String = $ operation = 'decode '? Base64_decode (substr ($ string, $ ckey_length )):
Sprintf ('% 010d', $ expiry? $ Expiry + time (): 0). substr (md5 ($ string. $ keyb), 0, 16). $ string;
$ String_length = strlen ($ string );
$ Result = '';
$ Box = range (1, 0,255 );
$ Rndkey = array ();
// Generate a key book
For ($ I = 0; $ I <= 255; $ I ++ ){
$ Rndkey [$ I] = ord ($ cryptkey [$ I % $ key_length]);
}
// Use a fixed algorithm to disrupt the key book and increase randomness. It seems complicated. In fact, it does not increase the ciphertext strength.
For ($ j = $ I = 0; I I <256; $ I ++ ){
$ J = ($ j + $ box [$ I] + $ rndkey [$ I]) % 256;
$ Tmp = $ box [$ I];
$ Box [$ I] = $ box [$ j];
$ Box [$ j] = $ tmp;
}
// Core encryption/Decryption part
For ($ a = $ j = $ I = 0; $ I <$ string_length; $ I ++ ){
$ A = ($ a + 1) % 256;
$ J = ($ j + $ box [$ a]) % 256;
$ Tmp = $ box [$ a];
$ Box [$ a] = $ box [$ j];
$ Box [$ j] = $ tmp;
// The keys obtained from the key book are different or converted into characters.
$ Result. = chr (ord ($ string [$ I]) ^ ($ box [($ box [$ a] + $ box [$ j]) % 256]);
}
If ($ operation = 'decode '){
// Substr ($ result, 0, 10) = 0 verify Data Validity
// Substr ($ result, 0, 10)-time ()> 0 to verify data Validity
// Substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26). $ keyb), 0, 16) verify data integrity
// Verify the data validity. See the unencrypted plaintext format.
If (substr ($ result, 0, 10) = 0 | substr ($ result, 0, 10)-time ()> 0 )&&
Substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26). $ keyb), 0, 16 )){
Return substr ($ result, 26 );
} Else {
Return '';
}
} Else {
// Save the dynamic key in the ciphertext, Which is why different ciphertext can be decrypted in the same plain text.
// Because the encrypted ciphertext may be special characters, the copying process may be lost, so it is base64-encoded.
Return $ keyc. str_replace ('=', '', base64_encode ($ result ));
}
}

However, it is a pity that the ownership of this function belongs to the idea of KANG Sheng and cannot be freely used.