?
Solved

Encryption Methods: Compatibility with both PHP and VBA

Posted on 2010-11-22
5
Medium Priority
?
1,359 Views
Last Modified: 2012-08-13
Hi experts,

I'm creating a routine that needs some encryption to store license information. I'm currently using a Base64 encryption method which is available in both PHP and VBA (with an added class). I'm currently looking into other encryption methods though - as I think that Base64 might be a little too easy to 'crack'. I was thinking to maybe add a MD5 encryption with a salt, but I have no idea if there's any VBA classes for MD5.

If anyone have any experience on the subject or could point me in the right direction, that would be great.

Regards,
eX.
0
Comment
Question by:Gaute Rønningen
5 Comments
 
LVL 16

Accepted Solution

by:
Blaz earned 1200 total points
ID: 34188647
First you need to understand that nor base64 nor MD5 is NOT encryption and they are totally different methods:
- base64 is an encoding scheme to represent binary data in ASCII string (http://en.wikipedia.org/wiki/Base64)
- MD5 is a hashing function (http://en.wikipedia.org/wiki/MD5)

From base64 encoded string you can get original data. From MD5 hash you can't get original data.

For encryption you should use methods such as DES (3DES) or AES.
0
 
LVL 13

Expert Comment

by:dsmile
ID: 34190109
0
 
LVL 2

Assisted Solution

by:benschwartz
benschwartz earned 800 total points
ID: 34190985
php's built in library mcrypt is a good place to start:

http://php.net/manual/en/book.mcrypt.php
0
 

Author Comment

by:Gaute Rønningen
ID: 34231218
@Blaz:
Yes, I know - I only need a way of hiding some strings from our regular users. No real 'encryption' needed, just 'cloaking'. Do you know if DES or AES is built-in into PHP and if there are any classes available for VBA for them?

@dsmile:
Looks interesting, but will have to come back to it if we decide to go for MD5.

@benschwartz:
I see. I'll look into it.
0
 
LVL 2

Assisted Solution

by:benschwartz
benschwartz earned 800 total points
ID: 34239754
As blaz said, md5 is a hash and base64 is just an encoding scheme. Neither are suitable as encryption.

A hash is inherently one way, meaning you can never get back to the initial input (This is good if you don't want to store a password: store the md5 hash of the password in the database and when the user attempts to log in later, md5 their password attempt and compare to the store md5. This makes sure nobody (the DBA included) can ever recover the password in plain text).

base64 encoding isn't really encrypting, just format conversion. A similar conversion would be to accept an ascii input and store it as utf8. base64 encoding is just for things like including binary data in a context where only text is accepted.

AES is the defacto standard for encryption, and php mcrypt library provides a rhobust & easy to use interface for implementing it. I would recommend going with this.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when I have encountered the need to decompress a response from a PHP request. This is how it's done, but you must have control of the request and you can set the Accept-Encoding header.
Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
This Micro Tutorial will demonstrate how to use a scrolling table in Microsoft Excel using the INDEX function.
Many functions in Excel can make decisions. The most simple of these is the IF function: it returns a value depending on whether a condition you describe is true or false. Once you get the hang of using the IF function, you will find it easier to us…
Suggested Courses
Course of the Month16 days, 10 hours left to enroll

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question