In PHP, crypt() is a one-way string hashing function, mainly used for password hashing. It automatically selects the hashing algorithm based on the format of the supplied "salt" value, which makes it flexible. Understanding the algorithms crypt() supports and where each one applies helps developers make sound security design choices.
How to use:
$hash = crypt('mypassword', 'rl');
Explanation:
Standard DES is one of the earliest hashing methods. It uses a two-character salt and generates a 13-character hash.
Applicable scenarios:
Compatible with old systems.
Not recommended for modern applications because it is less secure and vulnerable to brute-force attacks.
How to use:
$hash = crypt('mypassword', '_J9..rasm');
Explanation:
A salt starting with _ selects extended DES, which allows a longer salt and an iteration count to be specified.
Applicable scenarios:
Also intended for old systems, but slightly stronger than standard DES.
Still not recommended for use in new projects.
How to use:
$hash = crypt('mypassword', '$1$someSalt$');
Explanation:
When the salt starts with $1$, crypt() uses the MD5 hashing algorithm. The output is 34 characters long.
Applicable scenarios:
Environments that have high performance requirements but not very high security requirements.
It has gradually been replaced by safer algorithms and is not recommended for storing sensitive information.
How to use:
$hash = crypt('mypassword', '$2y$10$usesomesillystringforsalt$');
Explanation:
Salts starting with $2a$, $2b$ or $2y$ select the Blowfish algorithm (i.e. bcrypt). The number 10 is the cost factor, which sets the computational complexity; its range is usually 4 to 31.
Applicable scenarios:
Recommended for hashing user passwords.
It offers high security, supports cost factor adjustment, and effectively resists brute-force cracking.
How to use:
// SHA-256
$hash256 = crypt('mypassword', '$5$rounds=5000$mysalt$');
// SHA-512
$hash512 = crypt('mypassword', '$6$rounds=5000$mysalt$');
Explanation:
A salt starting with $5$ selects SHA-256, and one starting with $6$ selects SHA-512. The number of iterations can be adjusted with the rounds parameter to increase the computational cost.
Applicable scenarios:
Situations where high security is required without introducing external libraries.
Back-end processing with relatively loose performance requirements.
Used for user password hashing on some Linux systems.
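Because the algorithm is encoded in the hash prefix, stored hashes can be audited and verified without knowing how they were created. The following is an added example, not code from the original page: it hashes with the salts shown above, identifies each scheme, flags the ones described here as not recommended, and verifies in constant time. The names CRYPT_SCHEMES, inspect_crypt_hash and verify_crypt are hypothetical, and PHP 7.0 or later is assumed.

```php
<?php
declare(strict_types=1);

// Full-format patterns for the crypt() outputs described above.
// The capture group, where present, is the work factor (bcrypt cost or SHA rounds).
const CRYPT_SCHEMES = [
    'bcrypt'       => '/^\$2[aby]\$(\d{2})\$[.\/A-Za-z0-9]{53}$/',
    'sha256'       => '/^\$5\$(?:rounds=(\d+)\$)?[^$]{0,16}\$[.\/A-Za-z0-9]{43}$/',
    'sha512'       => '/^\$6\$(?:rounds=(\d+)\$)?[^$]{0,16}\$[.\/A-Za-z0-9]{86}$/',
    'md5'          => '/^\$1\$[^$]{0,8}\$[.\/A-Za-z0-9]{22}$/',
    'extended-des' => '/^_[.\/A-Za-z0-9]{19}$/',
    'standard-des' => '/^[.\/A-Za-z0-9]{13}$/',
];

// Identify the scheme of a stored hash and whether it should be re-hashed.
function inspect_crypt_hash(string $hash): array
{
    foreach (CRYPT_SCHEMES as $scheme => $pattern) {
        if (preg_match($pattern, $hash, $m) === 1) {
            $work   = ($m[1] ?? '') !== '' ? (int) $m[1] : null;
            $legacy = in_array($scheme, ['md5', 'extended-des', 'standard-des'], true);
            return ['scheme' => $scheme, 'work' => $work, 'legacy' => $legacy];
        }
    }
    // Anything unrecognised (including crypt() failure strings) is treated as unusable.
    return ['scheme' => 'unknown', 'work' => null, 'legacy' => true];
}

// Passing the stored hash as the salt makes crypt() reuse its algorithm,
// parameters and salt; hash_equals() avoids a timing side channel.
function verify_crypt(string $password, string $stored): bool
{
    return hash_equals($stored, crypt($password, $stored));
}

// Constructed sample input: the salts used in the examples above.
$salts = ['rl', '_J9..rasm', '$1$someSalt$', '$2y$10$usesomesillystringforsalt$',
          '$5$rounds=5000$mysalt$', '$6$rounds=5000$mysalt$'];

foreach ($salts as $salt) {
    $stored = crypt('mypassword', $salt);
    $info   = inspect_crypt_hash($stored);
    printf("%-12s work=%-5s rehash=%-3s verify=%s\n",
        $info['scheme'],
        $info['work'] ?? '-',
        $info['legacy'] ? 'yes' : 'no',
        verify_crypt('mypassword', $stored) ? 'ok' : 'FAIL');
}
```

A typical use is at login: verify against the stored value, and if the scheme is flagged, re-hash the just-verified password with the bcrypt format and store the new hash.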