ECB block cypher?
gogolander opened this issue · 1 comments
I noted that you use MCRYPT_MODE_ECB block. Isn't it deprecated as insecure in favor of more secure blocks like CBC?
With ECB, the same cleartext is encrypted to the same ciphertext. This is bad because an attacker can therefore know which messages are the same (other modes, such as CBC, use an IV to prevent this). ECB does not support an IV, and simply ignores it if provided. The fact that this library creates an IV https://github.com/ambta/DoctrineEncryptBundle/blob/master/Encryptors/AES256Encryptor.php#L27, but then uses ECB, is strange.
There is a fork which uses standard libraries to perform the encryption/decryption which seems like a better choice if you do not need the backwards compatibility: https://github.com/michaeldegroot/DoctrineEncryptBundle
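The difference discussed in this thread, as an added example that is not part of the issue, the comment, or either bundle's code: equal column values encrypted with ECB produce equal stored ciphertexts, while CBC with a fresh random IV per value does not. It assumes PHP 7.4+ and uses the OpenSSL extension in place of mcrypt; the function names and sample rows are constructed for illustration.

```php
<?php
// Added example; not DoctrineEncryptBundle code. ext-openssl stands in for mcrypt.

// ECB takes no IV, so the same plaintext and key always give the same ciphertext.
function encryptEcb(string $plain, string $key): string
{
    return base64_encode(openssl_encrypt($plain, 'aes-256-ecb', $key, OPENSSL_RAW_DATA));
}

// CBC with a fresh random IV per value; the IV is stored in front of the ciphertext.
function encryptCbc(string $plain, string $key): string
{
    $iv = random_bytes(openssl_cipher_iv_length('aes-256-cbc'));
    return base64_encode($iv . openssl_encrypt($plain, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv));
}

// Splits the stored value back into IV and ciphertext before decrypting.
function decryptCbc(string $stored, string $key): string
{
    $raw = base64_decode($stored, true);
    $ivLen = openssl_cipher_iv_length('aes-256-cbc');
    return openssl_decrypt(substr($raw, $ivLen), 'aes-256-cbc', $key, OPENSSL_RAW_DATA, substr($raw, 0, $ivLen));
}

// Audit helper: lists of row ids whose stored ciphertexts are byte-for-byte identical.
function duplicateGroups(array $stored): array
{
    $groups = [];
    foreach ($stored as $rowId => $ciphertext) {
        $groups[$ciphertext][] = $rowId;
    }
    return array_values(array_filter($groups, fn(array $ids) => count($ids) > 1));
}

$key = random_bytes(32);

// Constructed sample: row id => value of one encrypted entity field.
$rows = [1 => 'diabetes', 2 => 'asthma', 3 => 'diabetes', 4 => 'none', 5 => 'diabetes'];

$ecb = array_map(fn(string $v) => encryptEcb($v, $key), $rows);
$cbc = array_map(fn(string $v) => encryptCbc($v, $key), $rows);

echo 'ECB duplicate groups: ', json_encode(duplicateGroups($ecb)), PHP_EOL;
echo 'CBC duplicate groups: ', json_encode(duplicateGroups($cbc)), PHP_EOL;
echo 'CBC round trip ok: ', var_export(decryptCbc($cbc[1], $key) === $rows[1], true), PHP_EOL;
```

Running `duplicateGroups()` over an existing encrypted column is a quick way to check whether stored data already shows this pattern.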