Is there a reason why the result of Symmetric::encrypt() always starts with 'MUIFA'? #184

Open
oantonioo opened this issue Feb 11, 2023 · 1 comment

@oantonioo

Can I trust that it will always be like this?

The idea is to send the broken 'encrypted token', removing 'MUIFA' from the beginning, and when I receive the token back I add the 5 removed characters and decrypt.

This nonsense serves me for 3 things:
1 - Hide as much as possible that it is an encrypted text
2 - Hide what I use for this behind this, sodium and paragonie.
3 - If someone decides to play with the decryption, missing the first 5 characters, they will have a new problem.

@paragonie-security
Contributor

paragonie-security commented Feb 19, 2023

The ciphertext consists of a header with version information. This is then base64-encoded.

halite/src/Halite.php

Lines 48 to 50 in cfafc30

const HALITE_VERSION_KEYS = "\x31\x40\x05\x00";
const HALITE_VERSION_FILE = "\x31\x41\x05\x00";
const HALITE_VERSION = "\x31\x42\x05\x00";

If you remove it, then you will have difficulty with decrypting messages across Halite versions. But if you accept that risk, that's fine.
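
Why the prefix is constant and what hard-coding it costs, as an added example (not code from Halite or from either commenter). It assumes URL-safe base64 for the encoding; the `"\x31\x42\x06\x00"` header is a constructed value standing in for a different version, and the sample tokens are a header followed by random bytes, not real Halite ciphertexts.

```php
<?php
declare(strict_types=1);

// Header constants quoted above from halite/src/Halite.php.
const HEADERS = [
    'HALITE_VERSION_KEYS' => "\x31\x40\x05\x00",
    'HALITE_VERSION_FILE' => "\x31\x41\x05\x00",
    'HALITE_VERSION'      => "\x31\x42\x05\x00",
    // Constructed value standing in for some other version; not a real constant.
    'hypothetical other version' => "\x31\x42\x06\x00",
];

// URL-safe base64. The variant is an assumption; it does not change the prefix,
// because none of the prefix characters is '+' or '/'.
function b64url(string $raw): string
{
    return strtr(base64_encode($raw), '+/', '-_');
}

// Characters fully determined by a 4-byte header: 32 header bits fill five
// base64 characters (30 bits); the sixth also carries bits of the next byte.
function fixedPrefix(string $header): string
{
    return substr(b64url($header . "\x00\x00"), 0, 5);
}

// Read the 4-byte header back from the start of an encoded message.
function readHeader(string $token): ?string
{
    $raw = base64_decode(strtr(substr($token, 0, 8), '-_', '+/'), true);
    return ($raw === false || strlen($raw) < 4) ? null : substr($raw, 0, 4);
}

foreach (HEADERS as $name => $header) {
    printf("%-27s %s -> %s\n", $name, bin2hex($header), fixedPrefix($header));
}

// Constructed sample: header plus random bytes, not a real Halite ciphertext.
$token = b64url(HEADERS['HALITE_VERSION'] . random_bytes(60));
var_dump(substr($token, 0, 5) === 'MUIFA');

// Strip five characters from a token with a different header, then re-add the
// hard-coded 'MUIFA': the restored header no longer matches the one sent.
$other    = b64url(HEADERS['hypothetical other version'] . random_bytes(60));
$restored = 'MUIFA' . substr($other, 5);
printf("sent %s, restored %s\n",
    bin2hex((string) readHeader($other)), bin2hex((string) readHeader($restored)));
```

Because the prefix is a pure function of the header bytes, it follows the version rather than the key or the message, and a stripped token still decodes as base64 once any five characters are put back in front of it.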
