[program-l] Re: PHP and Encrypting

• From: Soronel Haetir <soronel.haetir@xxxxxxxxx>
• To: program-l@xxxxxxxxxxxxx
• Date: Sat, 27 Oct 2012 17:49:38 -0800

base64 is not encryption, it provides no security beyond obfuscation.
Instead it is an encoding scheme that allows characters to be stored
that can't otherwise pass a communication channel.  (For instance
traditional e-mail is a 7-bit rather than 8-bit communication channel,
so if you need to pass 8-bit information it will need to be encoded
somehow.)

On 10/21/12, Jeff Berwick <mailinglists@xxxxxxxxxxxx> wrote:
> Hi all,
>
> I have need to encrypt and decrypt information going into and out of a mysql
> database.  I am using PHP and have found the following code sample.  I don't
> know how secure this is and am wondering if there is a stronger encryption I
> can use.
>
> $key is a string of characters and $string is the value to be encrypted.
>
> $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5(KEY),
> $string, MCRYPT_MODE_CBC, md5(md5(KEY))));
>
> Security is not my forte, so I don't really understand how strong this
> really is.  It seems to generate a 44 character string.  Any thoughts are
> appreciated.
>
> Thx,
> Jeff
>
> ** To leave the list, click on the immediately-following link:-
> ** [mailto:program-l-request@xxxxxxxxxxxxx?subject=unsubscribe]
> ** If this link doesn't work then send a message to:
> ** program-l-request@xxxxxxxxxxxxx
> ** and in the Subject line type
> ** unsubscribe
> ** For other list commands such as vacation mode, click on the
> ** immediately-following link:-
> ** [mailto:program-l-request@xxxxxxxxxxxxx?subject=faq]
> ** or send a message, to
> ** program-l-request@xxxxxxxxxxxxx with the Subject:- faq
>


-- 
Soronel Haetir
soronel.haetir@xxxxxxxxx
** To leave the list, click on the immediately-following link:-
** [mailto:program-l-request@xxxxxxxxxxxxx?subject=unsubscribe]
** If this link doesn't work then send a message to:
** program-l-request@xxxxxxxxxxxxx
** and in the Subject line type
** unsubscribe
** For other list commands such as vacation mode, click on the
** immediately-following link:-
** [mailto:program-l-request@xxxxxxxxxxxxx?subject=faq]
** or send a message, to
** program-l-request@xxxxxxxxxxxxx with the Subject:- faq

• References:
  • [program-l] PHP and Encrypting
    • From: Jeff Berwick

Other related posts:

• » [program-l] PHP and Encrypting- Jeff Berwick
• » [program-l] Re: PHP and Encrypting - Soronel Haetir

1. Home
2. program-l
3. Archive
4. 10-2012

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---