You are here

Encryption

Make sure that your data is safe. The best way to make your data safe is to encrypt it. There are various times that you want to encrypt your data, transportation, moving the data from one computer to another and this is dealt with by using a secure certificate. The other time that you want your data safe, is when the data is static and stored in a data base. It is this static state that Web-D-Zine (WDZ) deals with.

WDZ supplies a class called wdzEncrypt and a data structure called dsEncryptInfo.

  • wdzEncrypt uses encrypt and decrypt from the PHP Open SSL library(Read notes on Open SSL) and contains two functions called encrypt and decrypt that are similar to the functions encryptString and decryptString found in Git hub - php-openssl-cryptor
  • dsEncryptInfo looks after all the information needed for wdzEncryot to work such as the encryption and hash algorithums. This dsEncryptInfo needs to be set up for your project prior to using wdzEncrypt. Notes on how to set up dsEncryptInfo are found in Setting up encryption in WDZ

Notes

With encrypted data the ability to search, sort and retrieve are still available, however they come with the following issues:-

  • Search - If an encrypted field is to be searched then the data is encrypted in such a way that it can be searched, Although the encrypted data can now be searched, data in the search field could be decrypted by a malicious source
  • Sort - So that data can be sorted, the first few characters of the data are left in plain text, so that the sort can occur. This could mean that because the hacker has the first few characters of the data along with encrypted data then they could use this information to find out the rest of the encrypted data
  • Retrieve - Data used to retrieve a record is still safe, and an additional flag is supplied for this feature
    • rtvPasswordQuality="Yes" For this the name "Fred" is different to "fred"
    • rtvPasswordQuality="No" For this the name "Fred" is the same as "fred"
For more information on encryption and how to set it up in WDZ then please read Setting up encryption in WDZ
Latest News
Reflection on 2024
Reflection on 2024
December is upon us and I always feel that this is a good time to reflect on things and to create goals Read more
Categories