View Full Version : data encryption in php

07-31-2007, 07:27 AM
I want to make a page/site which should have the security features such as encryption of data. how it can be done using php. do anybody can send some small portion of your code for an idea of how it can implement.

07-31-2007, 08:11 AM



07-31-2007, 12:45 PM
the above are all hash functions which are great for user password etc... if you want to encrypt and decrypt data you can use the mcrypt (http://www.php.net/mcrypt) functions

07-31-2007, 12:59 PM
how does the client get the key with these?

07-31-2007, 03:24 PM
You would need to "send" it to the client.

The encryption/decryption functions provided by the mcrypt library (to the best of my knowledge) are all symmetrical (uses the same key to encode and decode.) So, if someone intercepted the key or was given the key as a trusted client, they could encrypt data and make it appear like they were the originator (or they could decrypt your data, change it, encrypt it, send it on and it would appear to be the original data from you.)

If you have a situation where you want to insure that only you can encrypt data and the client can only decrypt it (and he would know the data was sent by you), you would need to use asymmetrical private/public key encryption/decryption. See the openssl functions to do this - http://php.net/openssl You still need to provide the public key to the client, but he can only decrypt using it. Anyone possessing the public key can decrypt data that you encrypted using the private key. Access to the keys must be restricted in any case.

08-03-2007, 07:37 AM
Thank you all. My problem is i cannot use mcrypt library bcos we are hosting the application in some one else server. there mcrypt is not configured. another thing i like to use Advanced Encryption satndard AES. How we can implement it through PHP. I feel AES is the latest encryption technology. am i right? Do u have any code which you impleneted AES through PHP/Javascript. Waiting for ur comments