Sign in to follow this  
Witchcraven

PHP encryption

Recommended Posts

I know there is a php encryption lib, but that only solves on of my security problems. I am doing a web stie that stores confidential information, and I will encrypt it, but I am not usre where I should store the key. The 2 options I see are internal to the source, or in a database or file. I would use public key so it was not all that important, but I do not have that option. What is a good method? (or does anyone know of free public key encrption compatible with php?) I mean, if the server was hacked and they got the encrypted files, they would also have the key, so it would not matter if it was encrypted at all.

Share this post


Link to post
Share on other sites
First of all, the server should not be the weak point. Starting with the assumption that it isn't, examine other possible locations of attack: The client side (not your problem), and the transmission of the data. The transmission can be secured via SSL, so that is taken care of.
Now, to ensure the server is secure, you'll need an administrator that knows what they're doing. Once the server is secured, you need to secure the scripts. Make sure you verify all user data and never use anything given by the user (or ANYTHING from forms, HTTP header info, etc) without processing it first (such as properly quoting the data before pasting it into an SQL statement).
Once that is taken care of and all data is properly verified and processed by the script, then you can worry about storing confidential data.

If you can at all avoid it, I'd suggest against storing such data. You don't need to remeber credit card numbers, for example, and customers wouldn't dislike it that much if explained the reason for not keeping such information around. Otherwise, it doesn't really matter whether you store it encrypted or not, because once things have been compromized so much that the hacker has arbitrary access to your database, they can likely get access to any keys you store as well. The best you can do is to store any keys on a seperate hard drive than the data base is on, but the scripts will need access to both drives so they're still the weakpoint.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this