AES (Advanced Encryption Standard) is a popular encryption method used to protect sensitive information. It works with key sizes of 128, 192, and 256 bits. CBC (Cipher Block Chaining) is a mode often paired with AES, adding an Initialization Vector (IV) to boost security.
In this article, we’ll explore how to perform AES-128-CBC encryption and decryption in PHP.
Suggested Read: Creating a PHP Callback Page for Receiving JSON Data: A Step-by-Step Guide
Understanding AES Encryption
AES, also known as Rijndael, operates on blocks of data, with the block size being 128 bits. It supports key sizes of 128, 192, or 256 bits. In this example, we’ll focus on AES-128, which uses a 128-bit key.
AES encryption involves multiple rounds of transformations, including substitution, permutation, and mixing of the data. The core strength of AES lies in its ability to resist various cryptographic attacks.
Understanding CBC (Cipher Block Chaining) Mode
CBC (Cipher Block Chaining) mode adds an extra layer of security to AES by chaining each block of plaintext to the previous cipher text block before encryption.
This method introduces an Initialization Vector (IV), which mixes with the first block of data before encryption. Following blocks mix with the previous cipher text block before encryption.
CBC mode prevents identical plaintext blocks from producing identical cipher text blocks, enhancing security against certain attacks like pattern analysis.
AES 128 CBC Mode Encryption and Decryption in PHP
Now, let’s dive into the implementation of AES-128-CBC encryption and decryption in PHP. We’ll use the OpenSSL extension, which provides functions for cryptographic operations.
Step-1: Create a new PHP file “aes.php“
Let’s start by writing a Class: AesCipher and two functions: aes_encrypt() and aes_decrypt(). These functions will handle encryption and decryption using AES-128-CBC mode.
|
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
<?php class AesCipher { private const OPENSSL_CIPHER_NAME = "aes-128-cbc"; private const CIPHER_KEY_LEN = 16; private static function fixKey($key) { if (strlen($key) < AesCipher::CIPHER_KEY_LEN) { return str_pad("$key", AesCipher::CIPHER_KEY_LEN, "0"); } if (strlen($key) > AesCipher::CIPHER_KEY_LEN) { return substr($key, 0, AesCipher::CIPHER_KEY_LEN); } return $key; } static function aes_encrypt($key, $iv, $data) { $encodedEncryptedData = base64_encode(openssl_encrypt($data, AesCipher::OPENSSL_CIPHER_NAME, AesCipher::fixKey($key), OPENSSL_RAW_DATA, $iv)); $encryptedPayload = $encodedEncryptedData; return $encryptedPayload; } static function aes_decrypt($key, $iv, $data) { $encrypted = $data; $decryptedData = openssl_decrypt(base64_decode($encrypted), AesCipher::OPENSSL_CIPHER_NAME, AesCipher::fixKey($key), OPENSSL_RAW_DATA, $iv); return $decryptedData; } } |
Step-2: Usage Example
Now, let’s see how we can use these functions to encrypt and decrypt data.
|
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
<?php include 'aes.php'; $AesCipher = new AesCipher(); // initialize object of the class $AUTH_KEY = 'keW6XycuiMoh4L5f'; // 16-byte key $AUTH_IV = 'vjSDPfi3O0spb5Kn'; // 16-byte key $arrdata = array( "full_name" => "Tutorials Website", "email" => "info@tutorialswebsite.com", "phone_number" => "9999998888", "address" => "Delhi", ); $encData = json_encode($arrdata); //encrypt data $encrypted_data = $AesCipher->aes_encrypt($AUTH_KEY, $AUTH_IV, $encData); echo "Encrypted Data: " . $encrypted_data; //decrypt data $decrypted_data = $AesCipher->aes_decrypt($AUTH_KEY, $AUTH_IV, $encrypted_data); echo "\nDecrypted Data: " . $decrypted_data; ?> |
Are you want to get implementation help, or modify or extend the functionality of this script?
A Tutorialswebsite Expert can do it for you.
Conclusion
By understanding and implementing AES encryption in your PHP applications, you can safeguard sensitive data from unauthorised access and maintain confidentiality.
Thanks for reading 🙏, I hope you found the How to Display Default Variation Regular and Sale Price in WooCommerce tutorial helpful for your project. Keep learning! If you face any problems – I am here to solve your problems.
Also Read: How to generate dynamic QR code using PHP
FAQs
AES (Advanced Encryption Standard) is a popular encryption method used to protect sensitive information.
Yes, AES encryption is highly secure.
CBC (Cipher Block Chaining) mode creates an extra layer of security to AES encryption.
You can use PHP’s OpenSSL extension to encrypt and decrypt data using AES. By using the right functions and keeping your keys safe, you can do this effectively.
Pradeep Maurya is the Professional Web Developer & Designer and the Founder of “Tutorials website”. He lives in Delhi and loves to be a self-dependent person. As an owner, he is trying his best to improve this platform day by day. His passion, dedication and quick decision making ability to stand apart from others. He’s an avid blogger and writes on the publications like Dzone, e27.co
