Re: [PHP] Two-way on-the-fly encryption
Ray -- ...and then Ray said... % % I want to do two-way encryption on a file coming through the web server. In That's an interesting name for it. % this context, I would want to generate a public and private key, encrypt the % file stream (i.e., don't want to write the unencrypted file to disk first % and then encrypt it; I want to encrypt the stream as it comes in) with the OK. Be aware that it will possibly get written to disk, though. % public, send the private to the recipient, and then destroy both keys on my % end. Hmmm... *thinks* I can't remember if a private key alone is sufficient to decrypt, although the public key alone is certainly enough to encrypt. You might check on that. % % When the file was accessed and the private key was provided, I would want to % stream the unencrypted file out without ever writing the unencrypted file to % disk. Note that your clear text could very well get written to disk: you are very likely to have a swap space. I don't know of any way to tell php that you don't want it (or really the OS) to lock some chunk in memory. % % Any ideas on how to accomplish this within the PHP construct? Well, gnupg can encrypt and decrypt a stream, and there is a GNUPG class at phpclasses.org, so I would probably leave all of the encryption and key work to it and go that way. If you really wanted to be secure, you might implement some javascript or a java applet to encrypt it before it ever left the browser (and, similarly, decrypt it when it's requested later); then you only ever deal with the encrypted version (ick -- I can't believe I just suggested J-anything). % % Thanks! So what in the world is this data which must be so secure that even you can't see it? HTH HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
[PHP] Two-way on-the-fly encryption
I want to do two-way encryption on a file coming through the web server. In this context, I would want to generate a public and private key, encrypt the file stream (i.e., don't want to write the unencrypted file to disk first and then encrypt it; I want to encrypt the stream as it comes in) with the public, send the private to the recipient, and then destroy both keys on my end. When the file was accessed and the private key was provided, I would want to stream the unencrypted file out without ever writing the unencrypted file to disk. Any ideas on how to accomplish this within the PHP construct? Thanks! -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Two-way on-the-fly encryption
Ray mailto:[EMAIL PROTECTED] on Thursday, November 20, 2003 5:29 AM said: Any ideas on how to accomplish this within the PHP construct? Instead of reinventing the wheel you can just use HTTPS. Chris. -- Don't like reformatting your Outlook replies? Now there's relief! http://home.in.tum.de/~jain/software/outlook-quotefix/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Two-way on-the-fly encryption
Chris, I thought of that and I do plan on implementing it on the way in and out. However, to meet HIPA and other business requirements, the data can not exist at any point in time on my system in unencrypted form. I do not want to be able to view it and I do not want to know what is there. Any other suggestions? Thanks! PS, sorry about the multiple posts. First time posting and the moderating system confused me. ;) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Two-way on-the-fly encryption
Ray mailto:[EMAIL PROTECTED] on Thursday, November 20, 2003 9:32 AM said: I thought of that and I do plan on implementing it on the way in and out. However, to meet HIPA and other business requirements, the data can not exist at any point in time on my system in unencrypted form. I do not want to be able to view it and I do not want to know what is there. Any other suggestions? Hmm... That's quite a different thing and unless I read your original post wrong I don't think this part was mentioned. But in any case a few questions. 1. When you say on my system in unencrypted form do you indeed mean you want data that can be encrypted and then unencrypted as opposed to a hash like md5() that cannot be reversed? (I only ask this because a lot times people use them synonymously when they should not.) 2. This isn't a question really but I spoke with my friend google (maybe you two have met?) and he said this http://www.tonymarston.net/php-mysql/encryption.html;. hth, Chris. -- Don't like reformatting your Outlook replies? Now there's relief! http://home.in.tum.de/~jain/software/outlook-quotefix/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Two-way on-the-fly encryption
On Friday 21 November 2003 01:31, Ray wrote: I thought of that and I do plan on implementing it on the way in and out. However, to meet HIPA and other business requirements, the data can not exist at any point in time on my system in unencrypted form. I do not want to be able to view it and I do not want to know what is there. To be pedantic, the data *has* to exist on your system in an unencrypted form albeit for as long as it takes for you to encrypt it and then remove the unencrypted data. Any other suggestions? manual Mcrypt Encryption Functions -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* You shouldn't wallow in self-pity. But it's OK to put your feet in it and swish them around a little. -- Guindon */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Two-way on-the-fly encryption
1. When you say on my system in unencrypted form do you indeed mean you want data that can be encrypted and then unencrypted as opposed to a hash like md5() that cannot be reversed? (I only ask this because a lot times people use them synonymously when they should not.) Yes, two way, like PKI. Honestly, I'd like to be able to encrypt the stream as it comes in and decrypt it on the way out. I'd rather not know or have access to, at any time, what's being transfered... 2. This isn't a question really but I spoke with my friend google (maybe you two have met?) and he said this http://www.tonymarston.net/php-mysql/encryption.html;. Haha, Yes, I've heard of him. And yes, I did consult but didn't stumble across this link. Reading it now. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php