mcrypt issues

[Ninjakreborn]

I have 2 pages.

Encrypt.php

<?php
    /* Open the cipher */
    $td = mcrypt_module_open('rijndael-256', '', 'ofb', '');

    /* Create the IV and determine the keysize length, used MCRYPT_RAND
     * on Windows instead */
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
    $ks = mcrypt_enc_get_key_size($td);

    /* Create key */
    $key = substr(md5('Secret Key'), 0, $ks);

    /* Intialize encryption */
    mcrypt_generic_init($td, $key, $iv);

    /* Encrypt data */
    $encrypted = mcrypt_generic($td, 'This is very important data');

    /* Terminate encryption handler */
    mcrypt_generic_deinit($td);
echo $key;
?>

 

Decrypt.php

<?php
$td = mcrypt_module_open('rijndael-256', '', 'ofb', '');
    /* Initialize encryption module for decryption */
    mcrypt_generic_init($td, $key, $iv);

    /* Decrypt encrypted string */
    $decrypted = mdecrypt_generic($td, $encrypted);

    /* Terminate decryption handle and close module */
    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);

    /* Show string */
    echo trim($decrypted) . "\n";
?>

The idea is on the encryption page it works.

However I am needing to be able to get it decrypted.

I see that I "can't" just database the key and have enough info to decrypt it.

How do I carry over the other information.

So basically in order to be secure I can just database the iv and key.

I need both of those instead of just the key right.

So basically

1. Encrypt the data.

2. Put it in a file outside the root in a txt file with an identifier.

userid  key    iv

for each record so I can find them later based on "id".  perfect, that should be it.

However, is this going to be completely secure.

[Ninjakreborn]

Question, still ensues?