?
Solved

Encryption Methods: Compatibility with both PHP and VBA

Posted on 2010-11-22
5
Medium Priority
?
1,315 Views
Last Modified: 2012-08-13
Hi experts,

I'm creating a routine that needs some encryption to store license information. I'm currently using a Base64 encryption method which is available in both PHP and VBA (with an added class). I'm currently looking into other encryption methods though - as I think that Base64 might be a little too easy to 'crack'. I was thinking to maybe add a MD5 encryption with a salt, but I have no idea if there's any VBA classes for MD5.

If anyone have any experience on the subject or could point me in the right direction, that would be great.

Regards,
eX.
0
Comment
Question by:Gaute Rønningen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 16

Accepted Solution

by:
Blaz earned 1200 total points
ID: 34188647
First you need to understand that nor base64 nor MD5 is NOT encryption and they are totally different methods:
- base64 is an encoding scheme to represent binary data in ASCII string (http://en.wikipedia.org/wiki/Base64)
- MD5 is a hashing function (http://en.wikipedia.org/wiki/MD5)

From base64 encoded string you can get original data. From MD5 hash you can't get original data.

For encryption you should use methods such as DES (3DES) or AES.
0
 
LVL 13

Expert Comment

by:dsmile
ID: 34190109
0
 
LVL 2

Assisted Solution

by:benschwartz
benschwartz earned 800 total points
ID: 34190985
php's built in library mcrypt is a good place to start:

http://php.net/manual/en/book.mcrypt.php
0
 

Author Comment

by:Gaute Rønningen
ID: 34231218
@Blaz:
Yes, I know - I only need a way of hiding some strings from our regular users. No real 'encryption' needed, just 'cloaking'. Do you know if DES or AES is built-in into PHP and if there are any classes available for VBA for them?

@dsmile:
Looks interesting, but will have to come back to it if we decide to go for MD5.

@benschwartz:
I see. I'll look into it.
0
 
LVL 2

Assisted Solution

by:benschwartz
benschwartz earned 800 total points
ID: 34239754
As blaz said, md5 is a hash and base64 is just an encoding scheme. Neither are suitable as encryption.

A hash is inherently one way, meaning you can never get back to the initial input (This is good if you don't want to store a password: store the md5 hash of the password in the database and when the user attempts to log in later, md5 their password attempt and compare to the store md5. This makes sure nobody (the DBA included) can ever recover the password in plain text).

base64 encoding isn't really encrypting, just format conversion. A similar conversion would be to accept an ascii input and store it as utf8. base64 encoding is just for things like including binary data in a context where only text is accepted.

AES is the defacto standard for encryption, and php mcrypt library provides a rhobust & easy to use interface for implementing it. I would recommend going with this.
0

Featured Post

7 Extremely Useful Linux Commands for Beginners

Just getting started with Linux? Here's a quick start guide that has 7 commands that we believe will come in handy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to implement server side field validation and display customized error messages to the client.
There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
Graphs within dashboards are meant to be dynamic, representing data from a period of time that will change each time the dashboard is updated with new data. Rather than update each graph to point to a different set within a static set of data, t…
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question