Or at least this is what it has been said lately in the world of programming. By the end of the year, PHP will be the first programming language to use Modern Cryptography in the libsodium Standard Library.
“This proposal is to adopt the libsodium extension in the PHP core in PHP 7.2.0.” Isn’t that great news?!
What is Modern Cryptography
In the last years, the subject of “Modern Cryptography” has occupied the minds of many scientists all around the world. But before talking about PHP and modern cryptography, one must first understand what modern cryptography is.
“Cryptography is the practice and study of techniques for secure communication in the presence of third parties called intruders or adversaries.” (source Wikipedia)
So it’s when you are communicating with someone using a code/language that others won’t understand.
This science has been developed for thousands of years, in times of war and times of peace. Nowadays, in the world where the digital presence is almost a must, this science became more and more popular, not to mention necessary.
Do you remember speaking gibberish when you were little? Well, that was a form of classic cryptography. Now you know what cryptography is, what is this modern cryptography that everyone is talking about?
Modern cryptography lies at the bottom of today’s communication security. It is a system that provides combinations of advanced mathematics, number theory, as well as computational-complexity theory, in order to secure data protection from eventual informatic attacks. The modern cryptography operates on binary bit sequences and requires complex mathematical algorithms for information encoding and eventual attack prevention.
The main difference between Modern Cryptography and the Classic one lies in the high-level API exposure and the use of fast primitives designed to resist side-channel cryptanalysis.
What are primitives?
Cryptographic primitives are the algorithms used to build cryptographic protocols for computer security systems. Usually, with the majority of programming languages, programmers are forced to do a key encryption in OpenSSL, meaning that we are forced to choose between RSA and NIST ECC, which as you may know, and as the latest events have shown...it’s good, but not great.
PHP 7.2 adds Modern Cryptography in core
No matter if you like it or not, PHP is the first language to announce the integration of the modern cryptography in the language itself. This means that after this major change is implemented, developers may design software that uses Ed25519 digital signatures with no need of installing additional PHP extensions.
It was high time for a change, as the PHP. Libmcrypt hasn't been changed in eight years, meaning that programmers could only go for OpenSSL.
It may not seem like much, but trust me...it’s huge, and the whole community of cryptographers hopes that this change in PHP will stand as an example for other programming languages everywhere.
We will just have to wait and see it that’s the case….until then, to a brighter, safer web!