dustinnoe Posted March 2, 2007 Share Posted March 2, 2007 I have a site where users can journal things. I have heard concerns from these users that when something is private to them they do not want anyone to stumble across it. I have put several steps in place to add privacy between users but I want to take it a step farther and hide this data from admins who have access to the database. The solution, I'm guessing is to encrypt or encode the text then save it in the database and decrypt/decode it later. What is the best method to hide/mask this data in the database? Will base64_encode() do the trick? Quote Link to comment Share on other sites More sharing options...
btherl Posted March 2, 2007 Share Posted March 2, 2007 That sounds quite difficult to achieve. base64 will work against someone who is not a programmer, but I assume admins would have some basic programming knowledge. Something which would be secure is to use the user's password to generate an encryption key. For example, the user enters 'trustno1' as their password. The password is hashed with md5() and compared against the hash stored in the database. Then another hash is generated, which could be done by appending a fixed string to the password. This hash is used to encrypt and decrypt that user's journal entries. The big problem there is that a change of password will require re-encryption of all entries.. And forgetting a password will mean loss of all entries. Not such a good idea maybe Quote Link to comment Share on other sites More sharing options...
dustinnoe Posted March 2, 2007 Author Share Posted March 2, 2007 I guess really what I mean is I want to obfuscate the data. Just make it unreadable. When working on the database I don't want to see somthing interesting and cause me to start reading something personal. The integrity of the admin will have to be trusted not decode/decrypt the data. With that said, which php function is most appropiate in terms of ease of use and resource intensity? Quote Link to comment Share on other sites More sharing options...
btherl Posted March 2, 2007 Share Posted March 2, 2007 Oh.. ok i get it. Well, base64 will certainly do it. You could also use str_rot13(), which will use less space (base64 encoding expands data by 33%). You could even use gzip, which will shrink the data, but dealing with binary data is a hassle. Quote Link to comment Share on other sites More sharing options...
dustinnoe Posted March 2, 2007 Author Share Posted March 2, 2007 looks like str_rot13 is what I want. How does it know for sure if it is working with an encoded or decoded string when deciding to decode or encode? Quote Link to comment Share on other sites More sharing options...
ted_chou12 Posted March 2, 2007 Share Posted March 2, 2007 This is what I believe is smart about it, all other encoding functions leave traces in the string, however, str_rot13() doesnt, and the detection can only be made by human, since you use the same function for both encode and decode, therefore, the codes are unrecognizable by the computer. When you encode, you apply the function, and all you get is that every alphabet is been shifted thirteen places, when you apply it again, it becomes the original string since there are only 26 alphabets. Ted Quote Link to comment Share on other sites More sharing options...
dustinnoe Posted March 2, 2007 Author Share Posted March 2, 2007 WOW! I am officially an idiot. I never thought about there being 26 chars in the alphabet. Although I did ask the question "Why 13 and not some other random number?" It was late and that's my excuse. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.