Asymmetrical encryption using PHP...

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

bovermyer
Forum Commoner
Posts: 25
Joined: Tue Apr 08, 2008 9:14 am
Location: South Dakota

Asymmetrical encryption using PHP...

Post by bovermyer »

Hi there.

I need to encrypt very sensitive data using an asymmetrical (public key) security scheme. The data must be encrypted via public key and stored in a MySQL database. It must then be able to be retrieved by a user who manually enters the private key in a dialog box (Javascript).

I've done a lot of Googling but can't seem to find how to do this exactly. I need to work with PHP 4.4.1, as that is what's on our server. I've seen a lot of references to PGP/GnuPG with regards to public key encryption, but all of it seems to center around email.

Anyone have any ideas?
bovermyer
Forum Commoner
Posts: 25
Joined: Tue Apr 08, 2008 9:14 am
Location: South Dakota

Re: Asymmetrical encryption using PHP...

Post by bovermyer »

Is there really no one who knows anything about public key encryption here?
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Re: Asymmetrical encryption using PHP...

Post by onion2k »

MySQL can do AES encryption without any extensions. That might help. Look at aes_encrypt() and aes_decrypt() in the MySQL manual.
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Asymmetrical encryption using PHP...

Post by Mordred »

onion2k wrote: MySQL can do AES encryption without any extensions. That might help. Look at aes_encrypt() and aes_decrypt() in the MySQL manual.

Hmm, this would mean that the client has to send his private key over to the web server, who will send it to the database server.

bovermyer, you would need a javascript implementation for both encryption and decryption. What is this "sensitive" data that you can't do anything else?
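
The split discussed in this thread, as an added example that is not part of any post: the encrypting side holds only the public key, and decryption runs in JavaScript where the user keeps the private key, so the private key never reaches the web server or the database server. It assumes Node.js and its built-in crypto module, with RSA-OAEP wrapping a per-record AES-256-GCM key; sealRecord, openRecord and demo are hypothetical names.

```javascript
// Added example, not code from the thread. Assumes Node.js (built-in crypto module).
// sealRecord, openRecord and demo are hypothetical names.
const crypto = require('node:crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Encrypting side: needs ONLY the public key. A fresh AES-256-GCM key encrypts
// the record and RSA-OAEP wraps that key. The returned fields are what gets stored.
function sealRecord(publicKeyPem, plaintext) {
  const dataKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', dataKey, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const wrapped = crypto.publicEncrypt({ key: publicKeyPem, ...OAEP }, dataKey);
  return {
    wrappedKey: wrapped.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ct: ct.toString('base64'),
  };
}

// Decrypting side: runs where the user holds the private key. The stored record
// travels to the key holder; the private key is never sent anywhere.
function openRecord(privateKeyPem, rec) {
  const b64 = (s) => Buffer.from(s, 'base64');
  const dataKey = crypto.privateDecrypt({ key: privateKeyPem, ...OAEP }, b64(rec.wrappedKey));
  const decipher = crypto.createDecipheriv('aes-256-gcm', dataKey, b64(rec.iv));
  decipher.setAuthTag(b64(rec.tag));
  // final() throws if the stored ciphertext, IV or tag was modified.
  return Buffer.concat([decipher.update(b64(rec.ct)), decipher.final()]).toString('utf8');
}

// Constructed demo: a throwaway key pair and a made-up sample value.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
  const stored = sealRecord(publicKey, 'constructed sample value');
  return { stored, privateKey, recovered: openRecord(privateKey, stored) };
}
```

The four base64 fields fit in ordinary text columns; the GCM tag means a record altered in the database fails to decrypt instead of yielding altered plaintext.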