How to encrypt with PHP and decrypt with JavaScript
Question
I want to implement a symmetric encryption in a client-server system.
I need to show some private data to a logged user in a specified system. I want to send the data encrypted with a key, owned by the user and the server only. This key will be never sent between client and server, because they always know that key. There will exist a key for each user.
So I want to send this data encrypted by the server in PHP and decrypted client side ( asking to the user the key ) with JavaScript.
Which method of encryption I should use?
Which PHP function and which JavaScript function?
Is enough strong to show delicate data?
2 answers
solution1
0 2015-02-16 11:57:12
Like it's mentioned in comments, use HTTPS. You can create your own encryption algorithm and code it to encrypt in PHP, and to decrypt it in JS (not recommended solution, but it is a sulotion).
solution2
-1 2015-02-16 13:55:05
Is enough strong to show delicate data?
No, not at all. The encryption can be state of the art, strong and "secure". But for as long as you have to share the keys that are used to encrypt the data, you're going to run into security related problems. Attackers could use MITM attacks to get the key when it's sent / received from the server or user and therefore read all the data.
Which method of encryption I should use? Which PHP function and which Javascript function?
No one, this is native using secure data transfer with HTTPS.
Your best bet is therefore to implement HTTPS and send your data through a secure channel.
If the data should be secured on the server and not readable, encrypt the data using standardized methods client side (javascript) and send the encrypted data to the server. This way, even if the server / database becomes hacked your data will not be compromised.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.