PHPackages                             byjg/crypto - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. byjg/crypto

ActiveLibrary[Security](/categories/security)

byjg/crypto
===========

A cryptography library for symmetric encryption with an innovative keyless exchange mechanism.

6.0.0(7mo ago)19.5k↓18.9%MITPHPPHP &gt;=8.3 &lt;8.6CI failing

Since Apr 25Pushed 3mo ago1 watchersCompare

[ Source](https://github.com/byjg/php-crypto)[ Packagist](https://packagist.org/packages/byjg/crypto)[ GitHub Sponsors](https://github.com/byjg)[ RSS](/packages/byjg-crypto/feed)WikiDiscussions master Synced yesterday

READMEChangelog (6)Dependencies (2)Versions (10)Used By (0)

   sidebar\_key crypto   tags    php

 cryptography

    Passwordless Cryptography Library
=================================

[](#passwordless-cryptography-library)

A cryptography library for symmetric encryption with an innovative keyless exchange mechanism.

[![Sponsor](https://camo.githubusercontent.com/fab14b7f7f475072ada0473f193d6f322561fd4a2958e0cc89910d053347cf27/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f53706f6e736f722d2532336561346161613f6c6f676f3d67697468756273706f6e736f7273266c6f676f436f6c6f723d7768697465266c6162656c436f6c6f723d306431313137)](https://github.com/sponsors/byjg)[![Build Status](https://github.com/byjg/php-crypto/actions/workflows/phpunit.yml/badge.svg?branch=master)](https://github.com/byjg/php-crypto/actions/workflows/phpunit.yml)[![Opensource ByJG](https://camo.githubusercontent.com/425c1bbccc0f292bf4d20569ae74a6b2e384fd648f1af8911bc61de9a8dcfc0b/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6f70656e736f757263652d62796a672d737563636573732e737667)](http://opensource.byjg.com)[![GitHub source](https://camo.githubusercontent.com/88e61eb211719144efdd570290a0456b6e13099c2df8d973f1bb43fe33bf0039/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4769746875622d736f757263652d696e666f726d6174696f6e616c3f6c6f676f3d676974687562)](https://github.com/byjg/php-crypto/)[![GitHub license](https://camo.githubusercontent.com/9e07bfab11903b068bbf53d93798582ce497261288fe2eabba495890ceeccc69/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f62796a672f7068702d63727970746f2e737667)](https://opensource.byjg.com/opensource/licensing.html)[![GitHub release](https://camo.githubusercontent.com/0c5526cb7ba7ceb520ba10ce04c2fa923eb691b0bd06bfa1b7cbb095f88471ca/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f72656c656173652f62796a672f7068702d63727970746f2e737667)](https://github.com/byjg/php-crypto/releases/)

How it works
------------

[](#how-it-works)

The algorithm is well-known, but the major problem is HOW to store and exchange symmetric keys securely. This library solves this with an innovative "keyless" exchange mechanism:

### Key Seed Instead of Keys

[](#key-seed-instead-of-keys)

Instead of storing or transmitting actual encryption keys, this library uses a **key seed** - a list of 2-255 entries of 32 bytes each (the default is 32 entries). Both the sender and receiver must have the same key seed.

### Dynamic Key Generation with Scrolling Window

[](#dynamic-key-generation-with-scrolling-window)

For each encryption operation:

1. The library uses an 8-byte **scrolling window** to extract random portions from the key seed entries
2. A 4-byte **header** encodes the key seed entry indices and extraction offsets
3. The encrypted data includes this header (embedded in the payload)
4. The actual key and IV are **never stored or transmitted**

The scrolling window can extract 8 bytes from any position (0-24) within each 32-byte key seed entry, providing 25 possible positions per entry, resulting in millions of possible key/IV combinations.

### Keyless Decryption

[](#keyless-decryption)

When decrypting:

1. The 4-byte header is extracted from the encrypted payload
2. Using the same key seed and the header, the exact key and IV are **reconstructed** using the same offsets
3. The data is decrypted and authenticated

This means you can securely exchange encrypted data without ever transmitting the actual encryption keys - only a 4-byte header that's meaningless without the key seed!

Usage
-----

[](#usage)

```
