Openssl_encrypt question about key & iv

Hi there everyone!

I plan on implementing an encryption method for my user auth’s storage of email addresses. I’ve been doing a bit of reading and most up-to-date tutorials and posts suggest openssl_en/decrypt to do this. It looks like this function will do what I need, but I have a question about the implementation:

https://naveensnayak.wordpress.com/2013/03/12/simple-php-encrypt-and-decrypt/

Should I be using a key common to all the encryptions and then storing an IV separately associated with each email address? To clarify, the same key for each encryption and an IV for each one, stored alongside the email address?

Thanks for your time!

I think storing a different IV for each password will give you a reason to mess up your strings + storing keys near the encrypted value is not a good idea.

If someone can view your database he will be able to view the plain text IV.
If someone can access your code… you have bigger issues and the encryption is not the worst one :smile:

My advice, if you want a security boost: you can have a set of IVs that are stored in a PHP file

<?php $ivs = ['1' => 'iv1', '2' => 'iv2', '3' => 'iv3'];
and you only store the id (1, 2, 3) in the database.

Of course, you can add IVs in time or even update the list (decrypt + reencrypt with new keys).

While the password_hash module does that for the salt used for hashing the individual passwords, the important difference between hashing and encrypting is that hashing is a one way process while encrypting is two way. If any of the information needed to decrypt the email address is stored with the email address then you are making it easier for anyone to decrypt.
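The following is an added worked example, not code posted by anyone in this thread, showing the arrangement the original question asks about and the point the last reply makes about keeping decryption material away from the stored value: one long-term key that is loaded from outside the database (the environment variable name `EMAIL_ENC_KEY` and the function names are assumptions for the example), a fresh random IV generated for every call to openssl_encrypt, and the IV stored alongside the ciphertext in the same column. It uses AES-256-GCM rather than plain CBC so that a modified or mismatched row fails the tag check instead of decrypting to garbage.

```php
<?php
// Added example, not from the thread: one key, a fresh random IV per encryption,
// IV stored with the ciphertext. AES-256-GCM authenticates the ciphertext as well.

const EMAIL_CIPHER = 'aes-256-gcm';
const IV_LEN = 12;   // 96-bit nonce, the recommended size for GCM
const TAG_LEN = 16;  // 128-bit authentication tag

// The key lives outside the database, e.g. in an environment variable set by
// the deployment, never in a table next to the ciphertext.
// Generate once with: php -r 'echo bin2hex(random_bytes(32));'
function loadEmailKey(): string {
    $hex = getenv('EMAIL_ENC_KEY'); // assumed variable name for this example
    if ($hex === false || strlen($hex) !== 64 || !ctype_xdigit($hex)) {
        throw new RuntimeException('EMAIL_ENC_KEY must be 32 bytes as hex');
    }
    return hex2bin($hex);
}

function encryptEmail(string $email, string $key): string {
    $iv = random_bytes(IV_LEN);   // new IV for every encryption, never reused
    $tag = '';
    $ct = openssl_encrypt($email, EMAIL_CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag, '', TAG_LEN);
    if ($ct === false) {
        throw new RuntimeException('encryption failed: ' . openssl_error_string());
    }
    // Store IV + tag + ciphertext in a single column; the IV is not secret.
    return base64_encode($iv . $tag . $ct);
}

function decryptEmail(string $stored, string $key): string {
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < IV_LEN + TAG_LEN) {
        throw new RuntimeException('malformed record');
    }
    $iv  = substr($raw, 0, IV_LEN);
    $tag = substr($raw, IV_LEN, TAG_LEN);
    $ct  = substr($raw, IV_LEN + TAG_LEN);
    $pt = openssl_decrypt($ct, EMAIL_CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($pt === false) {
        // Wrong key, or the row was altered: the GCM tag check failed.
        throw new RuntimeException('decryption failed or data tampered');
    }
    return $pt;
}

// Demo with a constructed key; in real use the key comes from loadEmailKey().
$key = random_bytes(32);
$a = encryptEmail('alice@example.com', $key);
$b = encryptEmail('alice@example.com', $key);
var_dump($a !== $b);   // same email, different IV, so different ciphertext
var_dump(decryptEmail($a, $key) === 'alice@example.com');
```

Because every row gets its own random IV, two users with the same address produce different ciphertexts, so the column cannot be searched by equality; if the application needs to look a user up by email, keep a separate keyed hash (for example an HMAC of the lowercased address under a second key) for that purpose, and leave the encrypted column for display and recovery only.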
