I can't imagine why anyone would want to
re-implement SSL inside the flash player.
But, that said, there may be other perfectly
valid reasons for wanting to encrypt data you're sending back and forth.
At 02:03 PM 4/10/2007, Doug Lowder wrote:
True about that. I assumed the poster was talking about
usernames/passwords alone, but maybe that isn't the case.
I guess I'm wondering why anyone would want to essentially re-
implement portions of SSL. As a user, I certainly wouldn't trust any
site that was loaded over HTTP instead of HTTPS, whether they claimed
to have their own security scheme implemented or not.
--- In
<mailto:flexcoders%40yahoogroups.com>[email protected],
"Alias" <[EMAIL PROTECTED]> wrote:
>
> MD5 is a one-way encryption algorithm, so it won't be any use for
encrypting
> data in the way you want - it's only for hashing and passwords,
really.
>
> If you need additional encryption to https, you could try
encrypting the
> data with TEA
>
<http://www.simonshepherd.supanet.com/tea.htm>http://www.simonshepherd.supanet.com/tea.htm
>
> There's an implementation in AS1 here, should be pretty trivial to
port to
> AS3.
>
<http://www.simonshepherd.supanet.com/TEAflash.txt>http://www.simonshepherd.supanet.com/TEAflash.txt
>
> HTH,
> Alias
>
> On 09 Apr 2007 09:43:33 -0700, Doug Lowder <[EMAIL PROTECTED]> wrote:
> >
> > The AS3 corelib has an MD5 algorithm implemented.
> >
> >
> >
<http://labs.adobe.com/wiki/index.php/ActionScript_3:resources:apis:lib>http://labs.adobe.com/wiki/index.php/ActionScript_3:resources:apis:lib
raries
> >
> > Probably the safest way to send data, though, would be to send
over HTTPS
> > rather than HTTP. If your data really are of a sensitive nature,
then your
> > server should be configured to accept HTTPS/SSL connections.
Part of
> > security is also verifying that the server you are communicating
with is who
> > you think it is; data encryption alone won't accomplish that, but
SSL will.
> >
> > HTH,
> > Doug
> >
> >
> > --- In
<mailto:flexcoders%40yahoogroups.com>[email protected],
"André Rodrigues Pena"
<andre.ufrj@>
> > wrote:
> > >
> > > Hi all,
> > >
> > > I'm looking for someway to encrypt the information I'm sending
through
> > > HTTPService via POST.
> > >
> > > I need this information to be decrypted inside a JSP script at
the
> > > back-end. So I need a encryption method that has a corresponding
> > > decryption method at server-side (Java)
> > >
> > > I'm not experienced with cryptography. If you already solved
some
> > > problem like that. Please help.
> > >
> > > --
> > > André Rodrigues Pena
> > >
> >
> >
> >
>
--
Jeffry Houser, Software Developer, Writer, Songwriter, Recording Engineer
AIM: Reboog711 | Phone: 1-203-379-0773
--
My Company: <http://www.dot-com-it.com>
My Podcast: <http://www.theflexshow.com>
My Blog: <http://www.jeffryhouser.com>
Connecticut Macromedia User Group: <http://www.ctmug.com>
