I'm very interested in this topic. I have an application that by its nature shares "objects" between multiple participants, each object having different participants. Since those objects contain sensitive data, I was looking into ways to encrypt those, so that not even the database admin could see the content.
With "traditional" encryption schemes this is very difficult to realize though, as there's always only one key that can decrypt the data (would be pointless otherwise). That means for every object a user is participating in you'd need to store an additional key with the user's data, which is pointless. I haven't yet, in my limited research, found a meaningful way to encrypt data in a way that allows it to be decrypted with any one of multiple keys (i.e. the user's password). But I'm no cryptographer by any means. Are public/private keys a way to do this?

Chrs,
Dav

On 8 Oct 2008, at 12:37, titang wrote:

> It sounds good, but what about if the data must be accessible by many users.
> For example I want to let 2 users access the same data with their own passphrase...
>
> Is there a simple way to do that?
>
> Titang
>
> On Oct 8, 11:03 am, Joel Perras <[EMAIL PROTECTED]> wrote:
>> Simple solution: Generate a pseudo-random string of characters (or let
>> him choose his own passphrase), and use this as a salt to encrypt your
>> data before saving to your database. The passphrase must then be used
>> to retrieve any information from the database.
>>
>> Of course, all of this is completely useless if you don't use SSL for
>> the entire request/response process.
>>
>> -J.
>>
>> On Oct 7, 3:50 am, titang <[EMAIL PROTECTED]> wrote:
>>
>>> Hi,
>>> I would like to encrypt/decrypt data in my application regarding the
>>> following requirements:
>>> - The data will be decrypted by many users.
>>> - I don't want to keep the secret password for decrypting the data of
>>> each user in my application.
>>>
>>> Does someone have any idea about how I can do this? And is there
>>> something already implemented for the cakephp framework?
>>>
>>> There is something pretty good, it is the gnupg project.
>>> http://www.gnupg.org/
>>> I did my first test by command line on Linux, and it seems really
>>> good.
>>> 1. First I have to generate one public key per user (from a uid and
>>> a passphrase).
>>> 2. Then I encrypt the data and specify which users can access the
>>> data (by specifying the uid).
>>> 3. And the authorized users can decrypt the data with their own
>>> passphrase.
>>>
>>> An extension gnupg is available for php.
>>> What about a cakephp behavior using this extension? I think it could
>>> be very useful.
>>>
>>> Any suggestions or help are welcome!
>>>
>>> Thanks
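
The three GnuPG steps quoted above (one key pair per user, encrypt to a list of users, each user decrypts with their own passphrase) can be sketched as follows. This is an added example, not code from the thread or from CakePHP: it assumes PHP's bundled sodium extension (PHP 7.2+) in place of the gnupg extension, and all function names, user ids and passphrases are hypothetical.

```php
<?php
// Derive a symmetric key from a passphrase with libsodium's default password hash.
function passphraseKey(string $passphrase, string $salt): string {
    return sodium_crypto_pwhash(SODIUM_CRYPTO_SECRETBOX_KEYBYTES, $passphrase, $salt,
        SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE, SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE);
}
// Step 1: one key pair per user. Only the public key is stored in the clear;
// the key pair itself is stored wrapped under the passphrase-derived key.
function createUser(string $passphrase): array {
    $keypair = sodium_crypto_box_keypair();
    $salt    = random_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES);
    $nonce   = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $wrapped = sodium_crypto_secretbox($keypair, $nonce, passphraseKey($passphrase, $salt));
    return ['public' => sodium_crypto_box_publickey($keypair),
            'salt' => $salt, 'nonce' => $nonce, 'wrapped' => $wrapped];
}
// Step 2: encrypt the object once with a random data key, then seal that key
// to each participant's public key. No passphrase is needed at this point.
function encryptObject(string $plaintext, array $publicKeys): array {
    $dataKey = sodium_crypto_secretbox_keygen();
    $nonce   = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $sealed  = [];
    foreach ($publicKeys as $uid => $publicKey) {
        $sealed[$uid] = sodium_crypto_box_seal($dataKey, $publicKey);
    }
    return ['nonce' => $nonce, 'keys' => $sealed,
            'ciphertext' => sodium_crypto_secretbox($plaintext, $nonce, $dataKey)];
}
// Step 3: a participant unwraps their key pair with their own passphrase,
// opens their sealed copy of the data key, and decrypts the object.
function decryptObject(array $object, string $uid, array $user, string $passphrase): ?string {
    if (!isset($object['keys'][$uid])) return null;    // not a participant
    $keypair = sodium_crypto_secretbox_open($user['wrapped'], $user['nonce'],
        passphraseKey($passphrase, $user['salt']));
    if ($keypair === false) return null;               // wrong passphrase
    $dataKey = sodium_crypto_box_seal_open($object['keys'][$uid], $keypair);
    if ($dataKey === false) return null;               // sealed key is not for this user
    $plain = sodium_crypto_secretbox_open($object['ciphertext'], $object['nonce'], $dataKey);
    return $plain === false ? null : $plain;
}

// Constructed sample data: alice and bob participate in the object, carol does not.
$alice  = createUser('constructed passphrase A');
$bob    = createUser('constructed passphrase B');
$carol  = createUser('constructed passphrase C');
$object = encryptObject('sensitive record', ['alice' => $alice['public'], 'bob' => $bob['public']]);
var_dump(decryptObject($object, 'alice', $alice, 'constructed passphrase A'));
var_dump(decryptObject($object, 'carol', $carol, 'constructed passphrase C'));
var_dump(decryptObject($object, 'bob', $bob, 'wrong passphrase'));
```

The database holds only public keys, wrapped key pairs, sealed data keys and ciphertext, so the per-object key stored for each participant is useless without that participant's passphrase.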
