Secure hash algorithm online dating

Here's what I'm trying to do: I have a table consisting of these fields (User ID, Fname, Lname, Email, Password) What I want to have is have the all fields encrypted and then be decrypted(Is it possible to use SHA is a hash, not encryption.

The key point is that a hash cannot be reversed to the original data (not easily, anyway).

Encryption key A good encryption key is a binary blob that's generated from a reliable random number generator.

The following example would be recommended ( This can be done once or multiple times (if you wish to create a chain of encryption keys). IV The initialisation vector adds randomness to the encryption and required for CBC mode.

You probably want mcrypt or if it is not available I would recommend phpseclib - although it's important to note that any pure-PHP implementation of anything that involves a lot of low-level mathematics will be sloooooo

That's why I like phpseclib, because it uses mcrypt first if it's available and only falls back to PHP implementations as a last resort.

These values should be ideally be used only once (technically once per encryption key), so an update to any part of a row should regenerate it.

A function that allows for both encryption and decryption of data.

They're greatly optimized to make this verification as fast as possible while still being accurate.

Given their relatively limited output space it was easy to build a database with known passwords and their respective hash outputs, the rainbow tables.

The functions by default use the Blowfish algorithm. A list of cipher definitions to select the cipher mcrypt uses also exists. A block cipher encrypts the input in blocks of known size and position with a known key, so that the data can later be decrypted using the key. $key = 'This Is The Cipher Key'; $ciphertext = mcrypt_encrypt(MCRYPT_BLOWFISH, $key, 'This is plaintext.', MCRYPT_MODE_CFB); $plaintext = mcrypt_decrypt(MCRYPT_BLOWFISH, $key, $encrypted, MCRYPT_MODE_CFB); Never ever use the ECB mode.

It is insecure and most of the time doesn't really help in actually encrypting the data (rather than just encoding it).

Leave a Reply