[openssl-users] Using random bytes only in openssl_encrypt versus real private key

Viktor Dukhovni openssl-users at dukhovni.org
Sun Sep 2 22:08:33 UTC 2018

> On Sep 2, 2018, at 7:48 AM, Jim Dutton <randomnoise058 at gmail.com> wrote:
> It appears that the (PHP) openssl_encrypt function will accept a string of
> random bytes as the encryption key in place of a generated private key.

This is an interface to data encryption with the OpenSSL *symmetric*
encryption algorithms, and so the concept of a "private key" does not
apply in this context.  For most of these algorithms a key is just a
random bit-string of the correct length.

Some algorithms like DES had parity bits and weak keys, but DES is
obsolete, and more modern algorithms don't have these features.

> It
> works without any errors or warnings. So does the openssl_decrypt function.

Keep in mind that without a MAC, this interface does not provide much by
way of integrity protection ("padding" gives false positives with non-negligible

> This begs the question: what does openssl_encrypt actually do with just a string
> of random bytes passed as the "key".

It encrypts the data as requested with the given key and IV or authentication



More information about the openssl-users mailing list