PHP - Replacing mcrypt_create_iv() with openssl_random_pseudo_bytes()
I need to up the security of our website, and is currently using the guide here: http://crackstation.net/hashing-security.htm, and also the generation of random passwords here: https://defuse.ca/generating-random-passwords.htm. I gather that both uses the function mcrypt_create_iv() for generating random bytes (or bits?), but for some reason, I encounter errors in installing php-mcrypt under CentOS 6. Fortunately, the first link said that openssl_random_pseudo_bytes() is a CSPRNG (and the PHP documentation and other sources also back that claim), and is available on the current server installation of PHP 5.4, so I have no choice but to use that at the moment. With these in mind, I would like to ask the following:
Does a direct code substitution suffice without affecting security? (That is, just replacing calls to
mcrypt_create_iv()toopenssl_random_pseudo_bytes()would do?)About the constants mentioned in the code (http://crackstation.net/hashing-security.htm#properhashing), the guide says that "[m]ake sure your salt is at least as long as the hash function's output." Am I right in assuming that
PBKDF2_SALT_BYTESandPBKDF2_HASH_BYTESare both set to 24 bytes since the output of thepbkdf2()function would be just 24 bytes, not 32 (for 256 bits) since the underlying algorithm used issha256? (Yes, I am using key stretching too.) In a related note, is 24 bytes fine, or should be increased/decreased, and what effect would that have?
Advanced thanks for those who will answer.
Answer
- I think the security will not be affected because both functions are just cryptographically secure pseudorandom number generators (NB:
openssl_random_pseudo_bytes($len, true)andmcrypt_create_iv($len, MCRYPT_DEV_RANDOM)). PBKDF2_SALT_BYTESis used only in the test functioncreate_hash()and not inpbkdf2()itself. So you just need to implement your own salt generation function using those CSPRNGs.