Jump to content

Recommended Posts

Hey All,

 

What's the best encryption method for use in a PHP business web application?

 

I've heard about AES 128 and AES 256 being really good but I can't find any PHP code to do this.

 

I have a method so far that does the following cryptography methods:

 

* SHA1

* SHA1a

* SHA1b

* SHA256

* SHA384

* SHA512

* base64

* md5-32bit

* md5-128bit

* checksum-32bit

Link to comment
https://forums.phpfreaks.com/topic/92869-cryptography-in-php/
Share on other sites

Does anyone use encryption for passwords in databases?

 

Um, no. You use a hash for a password, which is not really encryption. With a hash there is no way to deduce the original value from the hashed value. And before anyone pipes up saying there are plenty of sites that can get the value of an MD5 hash, those sites use a rainbow table of known hashed values. That is not unencrypting something.

 

Hashing is good for passwords, because you never really need to know the password. When the user logs in you just take their entered value, hash it, and see if it matches the value in the database.

 

When hashing a password it is a good idea to use a "salt" (this is additional information added tot he hashed value) or multiple hashes this makes it impossible for someone to 'crack' the password unless they have knowledge of your method.

 

For example if username cannot be changed then you can use that as a salt"

 

$hased_password = MD5(SHA($password.$username));

 

Encryption is used when yuo want to secure a value, but you must be able to retrieve the original value. This would be if you needed to store CC info so the user could make a purchase with their saved CC info, for instance.

Link to comment
https://forums.phpfreaks.com/topic/92869-cryptography-in-php/#findComment-480561
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.