I need to create a good strong encryption system for a client. It would be used for storing sensitive user information. I just wanted to get some advice off someone who has more experience in this area. It sounds like 256-bit AES would be my best option.
What I was thinking was http://www.movable-type.co.uk/scripts/aes-php.html
And for the key, perhaps using a hash of something unique to each user?
Does this sound like a sufficient idea?
SHA only works one-way (same as, for example, MD5, before anyone suggests this). I think he also wants a way to easily decrypt and read the stored data when he needs to.
AES is indeed a very good option. I would use the same.
Will you deploy your solution on a shared hosting environment? Be sure to chmod the file with your encryption/decryption key so no other user can access it. There’s no point in locking a house and leaving the key right in front of the door.
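
The key-file advice above, as an added example that is not part of the original posts: PHP code that refuses to load a key file other users can access, then encrypts and decrypts a field with 256-bit AES through the OpenSSL extension (PHP 7.1+). The path `/etc/myapp/aes.key`, the function names, and the choice of GCM mode are assumptions made for this example; the thread only specifies 256-bit AES.

```php
<?php
// Added example: hypothetical helper names and key path, not from the thread.
const KEY_FILE = '/etc/myapp/aes.key'; // assumed location, outside the web root

function load_key(string $path): string
{
    $perms = fileperms($path);
    if ($perms === false) {
        throw new RuntimeException('Cannot stat key file');
    }
    // Refuse a key file that group or other users can read, write or execute.
    if (($perms & 0077) !== 0) {
        throw new RuntimeException('Key file is accessible to other users; chmod 600 it');
    }
    $key = file_get_contents($path);
    if ($key === false || strlen($key) !== 32) {
        throw new RuntimeException('Key must be exactly 32 raw bytes (256 bits)');
    }
    return $key;
}

function encrypt_field(string $plaintext, string $key): string
{
    $iv = random_bytes(12); // fresh 96-bit nonce for every message
    $tag = '';
    $ct = openssl_encrypt($plaintext, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('Encryption failed');
    }
    // Stored layout: 12-byte nonce | 16-byte auth tag | ciphertext
    return base64_encode($iv . $tag . $ct);
}

function decrypt_field(string $stored, string $key): string
{
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < 28) {
        throw new RuntimeException('Malformed ciphertext');
    }
    $iv  = substr($raw, 0, 12);
    $tag = substr($raw, 12, 16);
    $ct  = (string) substr($raw, 28);
    $pt  = openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($pt === false) {
        throw new RuntimeException('Decryption failed: wrong key or tampered data');
    }
    return $pt;
}
```

A value round-trips with `decrypt_field(encrypt_field($value, $key), $key)` where `$key = load_key(KEY_FILE)`; a modified stored value fails the authentication tag check and raises an exception instead of returning altered plaintext.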