Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    anu
    anu is offline
    New Coder
    Join Date
    Jan 2006
    Posts
    42
    Thanks
    0
    Thanked 0 Times in 0 Posts

    data encryption in php

    I want to make a page/site which should have the security features such as encryption of data. how it can be done using php. do anybody can send some small portion of your code for an idea of how it can implement.

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts

  • #3
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,073
    Thanks
    11
    Thanked 98 Times in 96 Posts
    the above are all hash functions which are great for user password etc... if you want to encrypt and decrypt data you can use the mcrypt functions
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #4
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,519
    Thanks
    114
    Thanked 110 Times in 109 Posts
    how does the client get the key with these?
    You can not say you know how to do something, until you can teach it to someone else.

  • #5
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,070
    Thanks
    2
    Thanked 319 Times in 311 Posts
    You would need to "send" it to the client.

    The encryption/decryption functions provided by the mcrypt library (to the best of my knowledge) are all symmetrical (uses the same key to encode and decode.) So, if someone intercepted the key or was given the key as a trusted client, they could encrypt data and make it appear like they were the originator (or they could decrypt your data, change it, encrypt it, send it on and it would appear to be the original data from you.)

    If you have a situation where you want to insure that only you can encrypt data and the client can only decrypt it (and he would know the data was sent by you), you would need to use asymmetrical private/public key encryption/decryption. See the openssl functions to do this - http://php.net/openssl You still need to provide the public key to the client, but he can only decrypt using it. Anyone possessing the public key can decrypt data that you encrypted using the private key. Access to the keys must be restricted in any case.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #6
    anu
    anu is offline
    New Coder
    Join Date
    Jan 2006
    Posts
    42
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thank you all. My problem is i cannot use mcrypt library bcos we are hosting the application in some one else server. there mcrypt is not configured. another thing i like to use Advanced Encryption satndard AES. How we can implement it through PHP. I feel AES is the latest encryption technology. am i right? Do u have any code which you impleneted AES through PHP/Javascript. Waiting for ur comments


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •