SitePoint Sponsor

User Tag List

Results 1 to 9 of 9
  1. #1
    Get my greedy down dotJoon's Avatar
    Join Date
    Apr 2003
    Location
    daejeon, South Korea
    Posts
    2,223
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)

    encrypt and decrypt

    After I encrypt "myText", can I decrypt it?

    The code below in the manual doesn't explain about decrypt.
    PHP Code:
    <?php
    $crypted
    =crypt('myText');
    ?>

  2. #2
    Non-Member Kalon's Avatar
    Join Date
    Aug 2010
    Location
    At my computer
    Posts
    2,012
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    from the manual

    Note: There is no decrypt function, since crypt() uses a one-way algorithm.

  3. #3
    SitePoint Addict svcghost's Avatar
    Join Date
    Oct 2010
    Posts
    288
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What are you trying to accomplish with encryption here? Crypt and hash algorithms such as SHA-1 and MD5 are one-way hash algorithms that cannot be reversed. These algorithms are useful in situations such as guaranteeing the integrity of a file or message by generating a hash and sending it along in an encrypted message.

    They are also commonly used to generate hashes of plaintext passwords and stored in a database as a hash value.

  4. #4
    Get my greedy down dotJoon's Avatar
    Join Date
    Apr 2003
    Location
    daejeon, South Korea
    Posts
    2,223
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by svcghost View Post
    Crypt and hash algorithms such as SHA-1 and MD5 are one-way hash algorithms that cannot be reversed.
    Is there any algorithms which can be reversed?

  5. #5
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,810
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by dotJoon View Post
    Is there any algorithms which can be reversed?
    See http://php.net/manual/en/book.mcrypt.php
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  6. #6
    SitePoint Zealot Zurev's Avatar
    Join Date
    Feb 2009
    Posts
    171
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    http://www.php.net/manual/en/function.base64-encode.php

    Also alternative function for base64_decode.

    Pretty insecure also.

  7. #7
    SitePoint Addict svcghost's Avatar
    Join Date
    Oct 2010
    Posts
    288
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Do you mean any hash algorithms that are reversible? If that is your question, then the answer is no. Generally speaking, a hash algorithm is a function that takes in any length of data (a password, or a file), and spits out a fixed length output. This output value is meant to be a UNIQUE value for the given input. One commonly generates the hash algorithm of a file to check if it has been changed, because even the tiniest change of the input will cause a very different output.

    For example, I have an executable file, and I generate the hash algorithm. I then put it online for download and put the hash algorithm up for all to view. Then, if someone downloads my executable file from a different website, they can generate the hash algorithm of it and see if it matches the hash algorithm I posted on my website, thus proving that it has been unchanged, and is the same file.


    NOW, because hash algorithms produce a fixed length output, there is a possibility that multiple different inputs can generate the SAME hash value output. This is why MD5 has been deemed unsafe and broken. It is suggested to use SHA-1 over MD5 because the fixed-length value output is 40 bit as opposed to MD5's 32 bit.

    Hope I make sense.

  8. #8
    SitePoint Zealot
    Join Date
    Jun 2010
    Location
    Arizona
    Posts
    109
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Actually, SHA-1 is also partially broken. SHA-256 and higher are recommended.

    Anyway, this is divergent from the original topic - the author wants something that he can use to encrypt and decrypt information with. mcrypt is good, if the extension is enabled on the web host. AES (Rijndael) is the current standard.
    Thomas Hruska

    Single Sign-On Server/Client - The PHP login system that rocks.

  9. #9
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,810
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by Zurev View Post
    http://www.php.net/manual/en/function.base64-encode.php

    Also alternative function for base64_decode.

    Pretty insecure also.
    That has nothing whatever to do with encryption. Base 64 encoding converts all characters to only use 6 of the 8 bits so that the remaining two can be set to standard values (presumably one to 1 and the other to 0) so that when the digital signal is converted to analog that it will remain within the allowable frequency range for transmission and will not end up with a continuous string of ones or zeros that is so long that the frequency ends up outside of the range that the line can handle and so gets lost.

    Base 64 is not insecure because it has nothing whatever to do with security. Saying that base 64 is insecure is like saying that your swimming pool does a poor job of keeping you dry when it is raining.

    Similarly there are no security issues with any of the hashing algorithms when they are used correctly for their intended purpose. To use a hashing algorithm you hash the content to be sent, send both the content and the hash, the recipient then hashes the content again and compares that hash to the one sent. If they are both the same then the content has not been changed since the first hash was produced. If they are different then ask for the message to be resent because it has been changed along the way. It is only when you use a hash for some other purpose for which it wasn't originally intended that it may have security issues.

    The function that PHP provides for encryption is mcrypt.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •