SlideShare ist ein Scribd-Unternehmen logo

Encryption in php

sana mateen
sana mateen

Mcrypt package in php for implementing encryption

Bildung
1 von 9
PHP ENCRYPTION AND MYCRYPT PACKAGE By SANA MATEEN
PHP ENCRYPTION FUNCTIONS • Encryption over the Web is largely useless unless the scripts running the encryption schemes are operating on an SSL-enabled server. Why? • PHP is a server-side scripting language, so information must be sent to the server in plain-text format before it can be encrypted. • There are many ways that an unwanted third party can watch this information as it is transmitted from the user to the server if the user is not operating via a secured connection. • Encrypting Data with the md5() Hash Function • The md5() function uses MD5, a third-party hash algorithm often used for creating digital signatures (among other things). Digital signatures can, in turn, be used to uniquely identify the sending party. • MD5 is considered to be a one-way hashing algorithm, which means there is no practical way to dehash data that has been hashed using md5(). Its prototype looks like this: • string md5(string str) • The MD5 algorithm can also be used as a password verification system. Because it is (in theory) extremely difficult to retrieve the original string that has been hashed using the MD5 algorithm, you could hash a given password using MD5 and then compare that encrypted password against those that a user enters to gain access to restricted information.
• For example, assume that your secret password toystore has an MD5 hash of • 745e2abd7c52ee1dd7c14ae0d71b9d76. • You can store this hashed value on the server and compare it to the MD5 hash equivalent of the password the user attempts to enter. • Even if an intruder gets hold of the encrypted password, it wouldn’t make much difference because that intruder can’t return the string to its original format through conventional means. An example of hashing a string using md5() follows: • Remember that to store a complete hash in a database, you need to set the field length to 32 characters.
The MCrypt Package • MCrypt is a popular data-encryption package available for use with PHP, providing support for two-way • encryption (i.e., encryption and decryption). Before you can use it, you need to follow these installation • instructions: • 1.Go to http://mcrypt.sourceforge.net and download the package source. • 2. Extract the contents of the compressed distribution and follow the installation • instructions as specified in the INSTALL document. • 3. Compile PHP with the --with-mcrypt option. • MCrypt supports the following encryption algorithms:
Encrypting Data with MCrypt • The mcrypt_encrypt() function encrypts the provided data, returning the encrypted result. The • prototype follows: • string mcrypt_encrypt(string cipher, string key, string data,string mode [, string iv]) • The provided cipher names the particular encryption algorithm, and the parameter key determines the key used to encrypt the data. The mode parameter specifies one of the six available encryption modes: • electronic codebook, cipher block chaining, cipher feedback, 8-bit output feedback, N-bit output feedback, and a special stream mode. Each is referenced by an abbreviation: ecb, cbc, cfb, ofb, nofb, and stream, respectively. Finally, the iv parameter initializes cbc, cfb, ofb, and certain algorithms used in stream mode. Consider an example:
Decrypting Data with MCrypt • The mcrypt_decrypt() function decrypts a previously encrypted cipher, provided that the cipher, key, and mode are the same as those used to encrypt the data. Its prototype follows: • string mcrypt_decrypt(string cipher, string key, string data,string mode [, string iv]) • Go ahead and insert the following line into the previous example, directly after the last statement: • echo mcrypt_decrypt(MCRYPT_DES, $key, $enc, MCRYPT_MODE_CBC, $iv); • The methods in this section are only those that are in some way incorporated into the PHPextension set. However, you are not limited to these encryption/hashing solutions.
File-Based Authentication • The PHP script required to parse this file and authenticate a user against a given login pair is only a tad more complicated than the script used to authenticate against a hard-coded authentication pair. The difference lies in the script’s additional duty of reading the text file into an array, and then cycling through that array searching for a match. This involves the use of several functions, including the following: • file(string filename): The file() function reads a file into an array, with each • element of the array consisting of a line in the file. • explode(string separator, string string [, int limit]): The explode() function • splits a string into a series of substrings, with each string boundary determined by a specific separator. • md5(string str): The md5() function calculates an MD5 hash of a string, using RSA • Security Inc.’s MD5 Message-Digest algorithm (www.rsa.com). Because the • passwords are stored using the same encrypted format, you first use the md5() function to encrypt the provided password, comparing the result with what is stored locally.
•Although the file-based authentication system works well for relatively small, static authentication lists, this strategy can quickly become inconvenient when you’re handling a large number of users; •when users are regularly being added, deleted, and modified;
Database-Based Authentication CREATE TABLE logins ( id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, username VARCHAR(255) NOT NULL, pswd CHAR(32) NOT NULL );

Empfohlen

Hashing Algorithm: MD5
Hashing Algorithm: MD5Hashing Algorithm: MD5
Hashing Algorithm: MD5ijsrd.com
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5AlgorithmMirza Tarannum
 
The MD5 hashing algorithm
The MD5 hashing algorithmThe MD5 hashing algorithm
The MD5 hashing algorithmBob Landstrom
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsAbdul Manaf Vellakodath
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5Khulna University, Khulna, Bangladesh
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Md5
Md5Md5
Md5annamalai
 

Empfohlen

Hashing Algorithm: MD5
Hashing Algorithm: MD5Hashing Algorithm: MD5
Hashing Algorithm: MD5ijsrd.com
 
MD5Algorithm
MD5AlgorithmMD5Algorithm
MD5AlgorithmMirza Tarannum
 
The MD5 hashing algorithm
The MD5 hashing algorithmThe MD5 hashing algorithm
The MD5 hashing algorithmBob Landstrom
 
Network security cryptographic hash function
Network security cryptographic hash functionNetwork security cryptographic hash function
Network security cryptographic hash functionMijanur Rahman Milon
 
Cryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsCryptography - Simplified - Hash Functions
Cryptography - Simplified - Hash FunctionsAbdul Manaf Vellakodath
 
Cryptographic hash function md5
Cryptographic hash function md5Cryptographic hash function md5
Cryptographic hash function md5Khulna University, Khulna, Bangladesh
 
Hash Function & Analysis
Hash Function & AnalysisHash Function & Analysis
Hash Function & AnalysisPawandeep Kaur
 
Md5
Md5Md5
Md5annamalai
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing FunctionsYusuf Uzun
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Hashing
HashingHashing
HashingHossain Md Shakhawat
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
The SHA Hashing Algorithm
The SHA Hashing AlgorithmThe SHA Hashing Algorithm
The SHA Hashing AlgorithmBob Landstrom
 
Lecture 3b public key_encryption
Lecture 3b public key_encryptionLecture 3b public key_encryption
Lecture 3b public key_encryptionrajakhurram
 
MD-5 : Algorithm
MD-5 : AlgorithmMD-5 : Algorithm
MD-5 : AlgorithmSahil Kureel
 
Cns
CnsCns
CnsArthyR3
 
Ch12
Ch12Ch12
Ch12Joe Christensen
 
Message digest 5
Message digest 5Message digest 5
Message digest 5Tirthika Bandi
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Hash
HashHash
HashTazo Al
 
Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3koolkampus
 
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsCNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsSam Bowne
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5志璿 楊
 
MD5
MD5MD5
MD5rokham khawaja
 
A technical writing on cryptographic hash function md5
A technical writing on cryptographic hash function md5A technical writing on cryptographic hash function md5
A technical writing on cryptographic hash function md5Khulna University, Khulna, Bangladesh
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Message AUthentication Code
Message AUthentication CodeMessage AUthentication Code
Message AUthentication CodeKeval Bhogayata
 
Encryption pres
Encryption presEncryption pres
Encryption presMereySovet
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithmstrilokchandra prakash
 

Weitere ähnliche Inhalte

Was ist angesagt?

Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing FunctionsYusuf Uzun
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functionsMazin Alwaaly
 
The SHA Hashing Algorithm
The SHA Hashing AlgorithmThe SHA Hashing Algorithm
The SHA Hashing AlgorithmBob Landstrom
 
Lecture 3b public key_encryption
Lecture 3b public key_encryptionLecture 3b public key_encryption
Lecture 3b public key_encryptionrajakhurram
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmAjay Karri
 
Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3koolkampus
 
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsCNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsSam Bowne
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5志璿 楊
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Message AUthentication Code
Message AUthentication CodeMessage AUthentication Code
Message AUthentication CodeKeval Bhogayata
 

Was ist angesagt? (20)

Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing Functions
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash function
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Hashing
HashingHashing
Hashing
 
Information and data security cryptographic hash functions
Information and data security cryptographic hash functionsInformation and data security cryptographic hash functions
Information and data security cryptographic hash functions
 
The SHA Hashing Algorithm
The SHA Hashing AlgorithmThe SHA Hashing Algorithm
The SHA Hashing Algorithm
 
Lecture 3b public key_encryption
Lecture 3b public key_encryptionLecture 3b public key_encryption
Lecture 3b public key_encryption
 
MD-5 : Algorithm
MD-5 : AlgorithmMD-5 : Algorithm
MD-5 : Algorithm
 
Cns
CnsCns
Cns
 
Ch12
Ch12Ch12
Ch12
 
Message digest 5
Message digest 5Message digest 5
Message digest 5
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 Algorithm
 
Hash
HashHash
Hash
 
Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3Cryptography and Message Authentication NS3
Cryptography and Message Authentication NS3
 
CNIT 141: 6. Hash Functions
CNIT 141: 6. Hash FunctionsCNIT 141: 6. Hash Functions
CNIT 141: 6. Hash Functions
 
Message authentication with md5
Message authentication with md5Message authentication with md5
Message authentication with md5
 
MD5
MD5MD5
MD5
 
A technical writing on cryptographic hash function md5
A technical writing on cryptographic hash function md5A technical writing on cryptographic hash function md5
A technical writing on cryptographic hash function md5
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit iv
 
Message AUthentication Code
Message AUthentication CodeMessage AUthentication Code
Message AUthentication Code
 

Ähnlich wie Encryption in php

Encryption pres
Encryption presEncryption pres
Encryption presMereySovet
 
Automatic tool for static analysis
Automatic tool for static analysisAutomatic tool for static analysis
Automatic tool for static analysisChong-Kuan Chen
 
Breaking out of crypto authentication
Breaking out of crypto authenticationBreaking out of crypto authentication
Breaking out of crypto authenticationMohammed Adam
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsAjay Ohri
 
multiple encryption in clouud computing
multiple encryption in clouud computingmultiple encryption in clouud computing
multiple encryption in clouud computingRauf Wani
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network SecurityUC San Diego
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdfSetiya Nugroho
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxssuserd5e356
 
Information and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authenticationInformation and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authenticationVaibhav Khanna
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything elseVlad Garbuz
 
Fundamentals of Information Encryption
Fundamentals of Information EncryptionFundamentals of Information Encryption
Fundamentals of Information EncryptionAmna Magzoub
 
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...zachdwg
 
Security in Manets using Cryptography Algorithms
Security in Manets using Cryptography AlgorithmsSecurity in Manets using Cryptography Algorithms
Security in Manets using Cryptography AlgorithmsIRJET Journal
 

Ähnlich wie Encryption in php (20)

Encryption pres
Encryption presEncryption pres
Encryption pres
 
Encryption algorithms
Encryption algorithmsEncryption algorithms
Encryption algorithms
 
Automatic tool for static analysis
Automatic tool for static analysisAutomatic tool for static analysis
Automatic tool for static analysis
 
rspamd-fosdem
rspamd-fosdemrspamd-fosdem
rspamd-fosdem
 
Breaking out of crypto authentication
Breaking out of crypto authenticationBreaking out of crypto authentication
Breaking out of crypto authentication
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen Ooms
 
Secure socket later
Secure socket laterSecure socket later
Secure socket later
 
Web cryptography javascript
Web cryptography javascriptWeb cryptography javascript
Web cryptography javascript
 
multiple encryption in clouud computing
multiple encryption in clouud computingmultiple encryption in clouud computing
multiple encryption in clouud computing
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network Security
 
Basic Cryptography.pdf
Basic Cryptography.pdfBasic Cryptography.pdf
Basic Cryptography.pdf
 
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptxUNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
UNIT 4 CRYPTOGRAPHIC SYSTEMS.pptx
 
Information and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authenticationInformation and network security 37 hash functions and message authentication
Information and network security 37 hash functions and message authentication
 
Cryptography
CryptographyCryptography
Cryptography
 
Applied cryptanalysis - everything else
Applied cryptanalysis - everything elseApplied cryptanalysis - everything else
Applied cryptanalysis - everything else
 
Fundamentals of Information Encryption
Fundamentals of Information EncryptionFundamentals of Information Encryption
Fundamentals of Information Encryption
 
Hashing
HashingHashing
Hashing
 
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
 
Ciphers
CiphersCiphers
Ciphers
 
Security in Manets using Cryptography Algorithms
Security in Manets using Cryptography AlgorithmsSecurity in Manets using Cryptography Algorithms
Security in Manets using Cryptography Algorithms
 

Mehr von sana mateen

PHP Variables and scopes
PHP Variables and scopesPHP Variables and scopes
PHP Variables and scopessana mateen
 
Php and web forms
Php and web formsPhp and web forms
Php and web formssana mateen
 
Authentication methods
Authentication methodsAuthentication methods
Authentication methodssana mateen
 
Unit 1-subroutines in perl
Unit 1-subroutines in perlUnit 1-subroutines in perl
Unit 1-subroutines in perlsana mateen
 
Unit 1-uses for scripting languages,web scripting
Unit 1-uses for scripting languages,web scriptingUnit 1-uses for scripting languages,web scripting
Unit 1-uses for scripting languages,web scriptingsana mateen
 
Unit 1-strings,patterns and regular expressions
Unit 1-strings,patterns and regular expressionsUnit 1-strings,patterns and regular expressions
Unit 1-strings,patterns and regular expressionssana mateen
 
Unit 1-scalar expressions and control structures
Unit 1-scalar expressions and control structuresUnit 1-scalar expressions and control structures
Unit 1-scalar expressions and control structuressana mateen
 
Unit 1-perl names values and variables
Unit 1-perl names values and variablesUnit 1-perl names values and variables
Unit 1-perl names values and variablessana mateen
 

Mehr von sana mateen (20)

Files
FilesFiles
Files
 
PHP Variables and scopes
PHP Variables and scopesPHP Variables and scopes
PHP Variables and scopes
 
Php intro
Php introPhp intro
Php intro
 
Php and web forms
Php and web formsPhp and web forms
Php and web forms
 
Mail
MailMail
Mail
 
Files in php
Files in phpFiles in php
Files in php
 
File upload php
File upload phpFile upload php
File upload php
 
Regex posix
Regex posixRegex posix
Regex posix
 
Authentication methods
Authentication methodsAuthentication methods
Authentication methods
 
Xml schema
Xml schemaXml schema
Xml schema
 
Xml dtd
Xml dtdXml dtd
Xml dtd
 
Xml dom
Xml domXml dom
Xml dom
 
Xhtml
XhtmlXhtml
Xhtml
 
Intro xml
Intro xmlIntro xml
Intro xml
 
Dom parser
Dom parserDom parser
Dom parser
 
Unit 1-subroutines in perl
Unit 1-subroutines in perlUnit 1-subroutines in perl
Unit 1-subroutines in perl
 
Unit 1-uses for scripting languages,web scripting
Unit 1-uses for scripting languages,web scriptingUnit 1-uses for scripting languages,web scripting
Unit 1-uses for scripting languages,web scripting
 
Unit 1-strings,patterns and regular expressions
Unit 1-strings,patterns and regular expressionsUnit 1-strings,patterns and regular expressions
Unit 1-strings,patterns and regular expressions
 
Unit 1-scalar expressions and control structures
Unit 1-scalar expressions and control structuresUnit 1-scalar expressions and control structures
Unit 1-scalar expressions and control structures
 
Unit 1-perl names values and variables
Unit 1-perl names values and variablesUnit 1-perl names values and variables
Unit 1-perl names values and variables
 

Kürzlich hochgeladen

BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...PsychoTech Services
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 

Kürzlich hochgeladen (20)

BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
IGNOU MSCCFT and PGDCFT Exam Question Pattern: MCFT003 Counselling and Family...
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 

Encryption in php

  • 1. PHP ENCRYPTION AND MYCRYPT PACKAGE By SANA MATEEN
  • 2. PHP ENCRYPTION FUNCTIONS • Encryption over the Web is largely useless unless the scripts running the encryption schemes are operating on an SSL-enabled server. Why? • PHP is a server-side scripting language, so information must be sent to the server in plain-text format before it can be encrypted. • There are many ways that an unwanted third party can watch this information as it is transmitted from the user to the server if the user is not operating via a secured connection. • Encrypting Data with the md5() Hash Function • The md5() function uses MD5, a third-party hash algorithm often used for creating digital signatures (among other things). Digital signatures can, in turn, be used to uniquely identify the sending party. • MD5 is considered to be a one-way hashing algorithm, which means there is no practical way to dehash data that has been hashed using md5(). Its prototype looks like this: • string md5(string str) • The MD5 algorithm can also be used as a password verification system. Because it is (in theory) extremely difficult to retrieve the original string that has been hashed using the MD5 algorithm, you could hash a given password using MD5 and then compare that encrypted password against those that a user enters to gain access to restricted information.
  • 3. • For example, assume that your secret password toystore has an MD5 hash of • 745e2abd7c52ee1dd7c14ae0d71b9d76. • You can store this hashed value on the server and compare it to the MD5 hash equivalent of the password the user attempts to enter. • Even if an intruder gets hold of the encrypted password, it wouldn’t make much difference because that intruder can’t return the string to its original format through conventional means. An example of hashing a string using md5() follows: • Remember that to store a complete hash in a database, you need to set the field length to 32 characters.
  • 4. The MCrypt Package • MCrypt is a popular data-encryption package available for use with PHP, providing support for two-way • encryption (i.e., encryption and decryption). Before you can use it, you need to follow these installation • instructions: • 1.Go to http://mcrypt.sourceforge.net and download the package source. • 2. Extract the contents of the compressed distribution and follow the installation • instructions as specified in the INSTALL document. • 3. Compile PHP with the --with-mcrypt option. • MCrypt supports the following encryption algorithms:
  • 5. Encrypting Data with MCrypt • The mcrypt_encrypt() function encrypts the provided data, returning the encrypted result. The • prototype follows: • string mcrypt_encrypt(string cipher, string key, string data,string mode [, string iv]) • The provided cipher names the particular encryption algorithm, and the parameter key determines the key used to encrypt the data. The mode parameter specifies one of the six available encryption modes: • electronic codebook, cipher block chaining, cipher feedback, 8-bit output feedback, N-bit output feedback, and a special stream mode. Each is referenced by an abbreviation: ecb, cbc, cfb, ofb, nofb, and stream, respectively. Finally, the iv parameter initializes cbc, cfb, ofb, and certain algorithms used in stream mode. Consider an example:
  • 6. Decrypting Data with MCrypt • The mcrypt_decrypt() function decrypts a previously encrypted cipher, provided that the cipher, key, and mode are the same as those used to encrypt the data. Its prototype follows: • string mcrypt_decrypt(string cipher, string key, string data,string mode [, string iv]) • Go ahead and insert the following line into the previous example, directly after the last statement: • echo mcrypt_decrypt(MCRYPT_DES, $key, $enc, MCRYPT_MODE_CBC, $iv); • The methods in this section are only those that are in some way incorporated into the PHPextension set. However, you are not limited to these encryption/hashing solutions.
  • 7. File-Based Authentication • The PHP script required to parse this file and authenticate a user against a given login pair is only a tad more complicated than the script used to authenticate against a hard-coded authentication pair. The difference lies in the script’s additional duty of reading the text file into an array, and then cycling through that array searching for a match. This involves the use of several functions, including the following: • file(string filename): The file() function reads a file into an array, with each • element of the array consisting of a line in the file. • explode(string separator, string string [, int limit]): The explode() function • splits a string into a series of substrings, with each string boundary determined by a specific separator. • md5(string str): The md5() function calculates an MD5 hash of a string, using RSA • Security Inc.’s MD5 Message-Digest algorithm (www.rsa.com). Because the • passwords are stored using the same encrypted format, you first use the md5() function to encrypt the provided password, comparing the result with what is stored locally.
  • 8. •Although the file-based authentication system works well for relatively small, static authentication lists, this strategy can quickly become inconvenient when you’re handling a large number of users; •when users are regularly being added, deleted, and modified;
  • 9. Database-Based Authentication CREATE TABLE logins ( id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, username VARCHAR(255) NOT NULL, pswd CHAR(32) NOT NULL );