We help IT Professionals succeed at work.

When I encrypt/encode a string using codeigniter encryption class, it is different everytime, why?

parlays
parlays asked
on
Hello,

I am using the codeigniter encryption class to encrypt card numbers that are stored in a database.

Here is the problem, if I encrypt say card number 823 and it produces 23wofj2398v, I can decrypt it and there is not problem I get back 823.  But if I encrypt it again I get xc9878dhjj (something different)...  it still decodes to 823.  But why do the two encryptions not produce the same result if I am using the same #.

Because I want to store the encrypted string in the database.  And later when someone searches for 823, I want to encrypt 823 again and search mysql for that encrypted string, but because it is producing different results, I can't search the database for that encrypted string.  Any suggestions how to get it to produce the same encrypted string?
Comment
Watch Question

Chinmay PatelChief Technology Ninja
Distinguished Expert 2018

Commented:
Hi parlays,
I don't think that this approach will work out. CodeIgniter must be salting the encryption algorithm with a time stamp I guess.
Regards,
Chinmay


Author

Commented:
Thanks Chinmay, I'm looking at the CodeIgniter class now and it is double encrypting it I guess...  I'll have to edit the function to encrypt it once...
Chief Technology Ninja
Distinguished Expert 2018
Commented:
I am not that good with Encryption algorithm but If I were you I will be EXTRA careful when editing the encryption component. Also remember you will have some existing data that you might want to recover first. And also you might end up weakening the algorithm. Have you heard of Transparent Encryption. Is it possible for you to use it with your current database?
Most Valuable Expert 2018
Distinguished Expert 2018
Commented:
When you store that data in your database, are you needing to retrieve it again, or just do a search against it. If you don't need the data again you can use a one-way encryption such as SHA1 or MD5