Articles: 843 | Categories: 148   
   
   
Home Articles Contact Us
 
Categories
 
Php
Asp.Net
C#
Javascript
Css
 
 
 
News section
 
UT
This site is under testing at the moment so please visit us after a sh...
Testing

Welcome to my siteWelcome to my siteWelcome to my site

 
 
Encrypting data with PHP (0 Comments)
Admin: Posted Date: April 4, 2010

PHP provide us with an interesting array of security-oriented functionality. In this article I'll introduce you to this functionality, provides you with a basics from which you can begin incorporating security enhancements into your own applications.

Encrypting data with PHP

Overview: PHP provides us with an interesting array of security-oriented functionality, In this article I'll introduce you to this functionality, providing you with a basis from which you can begin incorporating security enhancements into your own applications.

Using PHP we can easily accomplish One way encryption, In this article I will show you how PHP can be used to do One Way encryption. PHP provides us with built in functions to accomplish one way encryption, the most popular functions used for these are md5() and the crypt() function, In this article we would be using md5() to accomplish one way encryption.

Q:) Now you may ask What the heck does One way encryption mean?
A:) In the most simple terms it means, that the data that you encrypt cannot be decrypted back to it’s original form! One-way encryption? What's the point?" you may say Well sometimes it’s a good idea to be not able to decrypt stuff, I know you must be thinking that I have gone crazy, to explain my point I will give you a simple example.

Suppose you have a site where a password is needed to access a particular area of your site that is restricted, and you are storing this password info in a database or a file, currently you might be storing this password as a normal readable file, suppose tomorrow there is a security breach the person who gets access to your database/file can gets access to all the passwords….. not a pretty picture!

To explain you I will be using the md5() hash function, It converts any string supplied to it into a 128bit, 32 character string. The interesting thing about hashing is that it is impossible to decode a message by examining the hash, because the hashed result is in no way related to the content of the original plain text, to make it clear let me give you an example.

Now suppose that you had encrypted the password data using PHP md5() the hackers just gets password data something like “648a19754f7803769c66f871bsdcd71a” which doesn’t make any sense to him and because it is a one-way encrypted it isn't going to do much good to a hacker because they can never be converted back to the original form.


Let assume our password is : mypass, now instead of storing this password directly we will create a hash of it using md5

random_id.php  

<?php
$password = "mypass";
$encrypted_password = md5($password); //encrypting the password using md5()

echo "Un-encrypted Password: $password";
echo "Encrypted Password: $encrypted_password";
?>

Click on the View Sample output and notice that the encrypted password for “mypass” is a029d0df84eb5549c641e04a9ef389e5 this (128-bit) 32 character string has been generated by the md5() function for mypass., What the md5() does is it generates a unique 32 character hexadecimal number for any string supplied to it.

You can pass any string to the md5() function and it will create a unique the 32 character hexadecimal number for that string.

 

 
 
Add a Comment:
 
(You must be signed in to comment on an article. Not a member? Click here to register)
   
Title:

Comments:
 
   
 
 
 
 
 
Expert Authors
 
1268829389Image016.jpg  
1272104937professional.jpg
 
 
Home | About us | Contact us | Advertisement | Terms of use