0

I need to encrypt some data provided by a user.

The encrypted data should be decryptable only with a password/key which is to be generated.

Use case: My user gives me some content to encrypt, I encrypt it and I generate a unique decryption key.

I need to store the data in a database. I need to do it in php.

hakre
  • 193,403
  • 52
  • 435
  • 836
Trent
  • 5,785
  • 6
  • 32
  • 43
  • Do you have a language preference? – Tim Dec 02 '11 at 21:31
  • This is very vague. What kind of data are you encrypting? Is it a file, or just text? Should you retain a copy of the password, or should the user be the only one who has access to this data? Why do you think you need to encrypt this data in the first place? – NullUserException Dec 02 '11 at 21:32
  • @Tim The OP said "I need to do it in php," and the question is tagged `[php]` – NullUserException Dec 02 '11 at 21:33
  • Is the "encrypted" data publicly visible? – hakre Dec 02 '11 at 21:36
  • The data could be anything but will be stored in a database, the encrypted data would be publicly available but it is possible that someone find the encrypted data (but it'd be difficult) – Trent Dec 03 '11 at 02:30

1 Answers1

1

You can get the users data, generate an encryption key, then use a reversible encryption method (lookup mcrypt) to encrypt it, and store the encrypted value.

The only issue is that you probably shouldn't store the encryption key along with the encrypted value, so you might need to also encrypt the users key using a different master key so it can safely be stored and pulled back out when needed.

It's certainly not 100% safe, because if someone gets that master key, they can get everything else.

See Best way to use PHP to encrypt and decrypt passwords? for more info on encryption with PHP.

Community
  • 1
  • 1
Benjam
  • 5,285
  • 3
  • 26
  • 36