PHP file/image encryption/decryption algorithms, server storage

Hi!

This is very strange way to go or not… hope someone knows more

The idea is to encryption the image using one of the algorithms in PHP(crypt, SHA etc) to store it in the server and again decrypting it with PHP to show it in the browser, like the site Facebook does or doesn’t(I don’t know really).

I heard that it will take tremendously CPU processing power, so no-one really does it, but some probably most cloud services do encrypt their files(store it as encrypted), how they manage to do it, or am I wrong?

Thank you!

1 Like

just wondering, whats the point fo encrypt images? as soon as they displayed in the browser you can easily download them. twitter and facebook just creating random routes to view the images so you cannot store the URL of the image but i don’t really thing they encrypt the files, because there no point of doing this

1 Like

[quote=“tosta, post:1, topic:215913”]
The idea is to encryption the image using one of the algorithms in PHP(crypt, SHA etc) to store it in the server and again decrypting it[/quote]
For starter, there is no way to decrypt a crypt() or SHA result back to the original data, because it is not actually an encryption but one-way hashing.

And I second the question why would one want it at all.

1 Like

Why?

You can’t 100% control what people will upload, so this is why, illegal stuff can be easily uploaded to the server, or can you.

Anyways …

how do cloud services do that, they can’t just store the file as original on their server, they need to encrypt and decrypt everything, but they do it so easily, and it must be server side scripting, so PHP?.

Thank you for the replies

Why not?

Probably they can, but I think from a perspective that I provide a cloud service allowing everyone to upload anything to my computer without a storage encryption, this sounds insane, doesn’t it? anyone can f* me over just by uploading some “bad” stuff.

If this stuff is unaccessible by anyone but uploader, then who cares?
If this stuff is accessuble by anyone but you offer an on-the-fly decryption, what’s the difference?

Storing illegal stuff on a data drive you own (whoever uploaded), you may get you punished by the law. You can’t just hide data on a data drive/server without encrypting it/making it legal again…right

but this still can happen to anyone, just imagine a friend of yours shared a dropbox folder and uploaded some movie there, after view minutes you download the movie, ecrypting makes nothing legal. actually even streaming is illegal because the browser buffer the video to your hard disc and drop it(eventually) after displaying. i dont see why encrypting should make anything legal

To decrypt SHA would take huge computer power over many years before you would be able to display the decrypted version to anyone - assuming you manage to figure out which of the many trillions of values that match that hash was the original

If you use an actual encryption algorithm rather than a one way hash then anyone with access to both the encrypted data and the code will be able to decrypt it. You’d need the code on a completely separate server in a different datacenter to the server where the data is stored in order for it to provide even minimal security for the content…

Check this out: -encipher

3 Likes

Yeah nice post:D, I meant more like converting image to text, to mess the code up so only I know how to restore it, or something like that, haven’t really investigated much what would be “the best way”.

Anyways, it still takes probably a lot of CPU, converting the image text back and forth, considering the amount of text one image contains.

Rubble imagemagick command works only with PNG, but it’s really a good thing, there should be a PHP command that will mess up the image, like making it foggy and back, using only a password and php command, that would be really nice … It’s a bit weird that there is no such thing, or am I wrong.

BlackScorp the encrypting makes files undetectable if looking the datadrive directly, no key no file.

Thank you for the posts, I still can not understand how the cloud services manage to encrypt the files, if they wouldn’t encrypt then I don’t want to know what they store on their servers, 1000 years in jail, no-one cares , LOL.

Wouldn’t it just be easier to store them outside of the root so only script can access them?

2 Likes

WinZip, PkZip and other similar programs have a password facility which may be useful.

The idea is to encryption the image using one of the algorithms in PHP(crypt, SHA etc) to store it in the server and again decrypting it with PHP to show it in the browser, like the site Facebook does or doesn’t(I don’t know really).

What I cannot understand is the decrypting in the browser for anyone to view. It seems encryption and decryption process is unnecessary… unless access is only granted to the person who uploaded the file?

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.