-
May 15th, 2005, 01:23 PM
#1
PHP Data Encryption
As people in the Information Technology industry, we work with data on a daily basis. Many times, the data we with is considered sensitive and requires a higher level of protection then most.
Cryptography helps us to protect our most sensitive data from those not authorized to view it.
In todays lesson, I'm going to be using the BlowFish encryption algorithm, and of course, we will be doing this in PHP. Why PHP you ask? (Slap upside your head).
Crypt_Blowfish is a class which preforms Blowfish encryption on the fly using only PHP. It does not require the Mcrypt PHP extension to work. This package allows you to perform two-way blowfish encryption on the fly using only PHP.
Crypt_Blowfish is actually a Pear Package, so you can grab it from here:
http://pear.php.net/package/Crypt_Blowfish/
or as root simply run: #pear install Crypt_Blowfish
Pear is installed by default on most recent versions of PHP. If you don't have it installed, you've either explicity requested not to install during compile time, or your really using an older version of php, which you should upgrade.
Now that we have the package installed, we can begin with the brief lesson.
Before I show you to use this encryption, there are a few things you'll want to take into consideration. First, don't encrypt everything unless it's really necessary. Encrypt things like credit card numbers, social security numbers, home addresses, passwords, financial data. Those are the most highly sensitive types of data you can maintain. So, if you actually work with this type of data, make sure your doing the right thing.
On to the example code:
Code:
<?php
require_once 'Crypt/Blowfish.php'; // Just including the class
// Create the Crypt_Blowfish object using a secret key. The key must be
//protected at all costs. The key is like a password to access the data.
$blowfish = new Crypt_Blowfish('super secret key');
// This is the text we will encrypt
$encrypted = $blowfish->encrypt('Visa Card 4111111111111111');
// At this point you can take $encrypted and place it in your database. If
//you desire.
// Getting back the original message. Where $encrypted = the ciphertext.
// Most likely $encrypted will be your data from a mysql query.
$decrypted = $blowfish->decrypt($encrypted);
// Now here is your encrypted message and the original message.
echo 'Encrypted: ' . bin2hex($encrypted) . "<br />";
echo 'Decrypted: ' . $decrypted;
?>
Not as hard as you thought it was huh. Remember not to lose your key, or your data is gone, unless your the NSA
--------------------------------------------------------
The above code outputs the following:
Encrypted: dda661b7764debf95d09caacbe74244335a884847b22cb476af6c25cfe4baf31
Decrypted: Visa Card 4111111111111111
My name is PuRe and this has been a PHP Crytography tutorial.
-
January 27th, 2012, 01:16 AM
#2
I would suspect it would have something to do with the version of PHP you're running with this code.....That is only a guess as that I am an amateur at best when it comes to this type of PHP coding.....you could try an older version released at the time of this post to test. Again, I am just guessing on this.......
"It is a shame that stupidity is not painful" - Anton LaVey
-
October 4th, 2015, 05:25 PM
#3
Junior Member
PHP Data Encry
Great script upload PHP
is there a way or could you submit a progress bar graphic ???
Many thanks
-
October 27th, 2016, 02:46 PM
#4
Junior Member
Encryption
Cipher and mode
Choosing the best encryption cipher and mode is beyond the scope of this answer, but the final choice affects the size of both the encryption key and initialisation vector; for this post we will be using AES-256-CBC which has a fixed block size of 16 bytes and a key size of either 16, 24 or 32 bytes.
Encryption key
A good encryption key is a binary blob that's generated from a reliable random number generator. The following example would be recommended (>= 5.3):
$key_size = 32; // 256 bits
$encryption_key = openssl_random_pseudo_bytes($key_size, $strong);
// $strong will be true if the key is crypto safe
This can be done once or multiple times (if you wish to create a chain of encryption keys). Keep these as private as possible.
IV
The initialisation vector adds randomness to the encryption and required for CBC mode. These values should be ideally be used only once (technically once per encryption key), so an update to any part of a row should regenerate it.
-
October 26th, 2017, 02:56 PM
#5
Junior Member
-
January 19th, 2018, 05:39 AM
#6
Junior Member
thanks PuRe , topic is very good
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|