PHP Data Encryption
Results 1 to 10 of 10

Thread: PHP Data Encryption

Hybrid View

  1. #1
    Senior Member
    Join Date
    Mar 2003
    Posts
    452

    PHP Data Encryption

    As people in the Information Technology industry, we work with data on a daily basis. Many times, the data we with is considered sensitive and requires a higher level of protection then most.

    Cryptography helps us to protect our most sensitive data from those not authorized to view it.

    In todays lesson, I'm going to be using the BlowFish encryption algorithm, and of course, we will be doing this in PHP. Why PHP you ask? (Slap upside your head).

    Crypt_Blowfish is a class which preforms Blowfish encryption on the fly using only PHP. It does not require the Mcrypt PHP extension to work. This package allows you to perform two-way blowfish encryption on the fly using only PHP.

    Crypt_Blowfish is actually a Pear Package, so you can grab it from here:
    http://pear.php.net/package/Crypt_Blowfish/

    or as root simply run: #pear install Crypt_Blowfish

    Pear is installed by default on most recent versions of PHP. If you don't have it installed, you've either explicity requested not to install during compile time, or your really using an older version of php, which you should upgrade.

    Now that we have the package installed, we can begin with the brief lesson.

    Before I show you to use this encryption, there are a few things you'll want to take into consideration. First, don't encrypt everything unless it's really necessary. Encrypt things like credit card numbers, social security numbers, home addresses, passwords, financial data. Those are the most highly sensitive types of data you can maintain. So, if you actually work with this type of data, make sure your doing the right thing.

    On to the example code:

    Code:
    <?php
    require_once 'Crypt/Blowfish.php';  // Just including the class
    
    // Create the Crypt_Blowfish object using a secret key. The key must be
    //protected at all costs. The key is like a password to access the data.
    $blowfish = new Crypt_Blowfish('super secret key');
    
    // This is the text we will encrypt
    $encrypted = $blowfish->encrypt('Visa Card 4111111111111111');
    
    // At this point you can take $encrypted and place it in your database. If 
    //you desire.
    
    // Getting back the original message. Where $encrypted = the ciphertext.
    // Most likely $encrypted will be your data from a mysql query.
    $decrypted = $blowfish->decrypt($encrypted);
    
    // Now here is your encrypted message and the original message.
    echo 'Encrypted: ' . bin2hex($encrypted) . "<br />";
    echo 'Decrypted: ' . $decrypted;
    
    ?>
    Not as hard as you thought it was huh. Remember not to lose your key, or your data is gone, unless your the NSA
    --------------------------------------------------------
    The above code outputs the following:

    Encrypted: dda661b7764debf95d09caacbe74244335a884847b22cb476af6c25cfe4baf31
    Decrypted: Visa Card 4111111111111111


    My name is PuRe and this has been a PHP Crytography tutorial.
    Like this post? Visit PuRe\'s Information Technology Community. We\'ve also got some kick ass Technology Forums. Shop for books and dvds on LiveWebShop.com

  2. #2
    Senior Member Wazz's Avatar
    Join Date
    Apr 2003
    Posts
    288
    I would suspect it would have something to do with the version of PHP you're running with this code.....That is only a guess as that I am an amateur at best when it comes to this type of PHP coding.....you could try an older version released at the time of this post to test. Again, I am just guessing on this.......
    "It is a shame that stupidity is not painful" - Anton LaVey

  3. #3
    Junior Member
    Join Date
    Oct 2015
    Location
    orbikibly
    Posts
    6

    PHP Data Encry

    Great script upload PHP

    is there a way or could you submit a progress bar graphic ???

    Many thanks

  4. #4
    Junior Member
    Join Date
    May 2016
    Posts
    2
    Encryption

    Cipher and mode

    Choosing the best encryption cipher and mode is beyond the scope of this answer, but the final choice affects the size of both the encryption key and initialisation vector; for this post we will be using AES-256-CBC which has a fixed block size of 16 bytes and a key size of either 16, 24 or 32 bytes.

    Encryption key

    A good encryption key is a binary blob that's generated from a reliable random number generator. The following example would be recommended (>= 5.3):

    $key_size = 32; // 256 bits
    $encryption_key = openssl_random_pseudo_bytes($key_size, $strong);
    // $strong will be true if the key is crypto safe
    This can be done once or multiple times (if you wish to create a chain of encryption keys). Keep these as private as possible.

    IV

    The initialisation vector adds randomness to the encryption and required for CBC mode. These values should be ideally be used only once (technically once per encryption key), so an update to any part of a row should regenerate it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •