If you need a message key, obtain it from the openssl_random_pseudo_bytes() function.
DO NOT just hash the current time-- an attacker will guess any such key very easily (he'll just hash a bunch of likely time values and try them until he finds the right one. The attacker can generate and test many millions of candidate hashes every minute using an ordinary PC).