Software Programs and Projects

This Software Programs and Projects include programing tips and technology using different languages like VC++,ASP,JSP C#.Net,PHP,VB.Net,JavaScript,ASP.NET .Software Programs and Projects blog mainly support to software programmers and provide help through the mail.

Using crypt() for Data Encryption

Posted by Sreejith A.K
Friday, September 4, 2009
comments (1)

The crypt() Function

In PHP we can use the crypt () function to create one way encryption. This means that the data is encrypted but cannot easily be decrypted.

When a user chooses their password, the password is then encrypted and the encrypted version of this password is saved. The next time the user goes to login, their password is encrypted again and then checked against the already saved (encrypted) version to see if they are the same. This way if the data is intercepted, they only ever see the encrypted version.

The crypt function is phrased as: crypt ( input_string, salt)

In this case input_string is the string you would like to encrypt (your password for example,) and salt is an optional parameter that influences how the encryption will work. PHP by default uses a two character DES salt string. If your system standard is MD5, a 12-character salt string is used.

The following are the four types of salt that work with all crypt () functions.

CRYPT_STD_DES - Standard DES-based encryption with a two character salt
CRYPT_EXT_DES - Extended DES-based encryption with a nine character salt
CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1$
CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt starting with $2$ or $2a$

when we use crypt ()

<?php $password = crypt('mypassword'); print $password . %u201C is the encrypted version of mypassword%u201D; ?>

This will output the encrypted version of ‘mypassword’ for you to see. Now let’s try it using different types of salt.

<?

php $password = crypt('mypassword' , 'd4');

print $password . " is the CRYPT_STD_DES version of mypassword<br>";

$password = crypt('mypassword' , 'k783d.y1g');

print $password . " is the CRYPT_EXT_DES version of mypassword<br>";

$password = crypt('mypassword' , '$1$d4juhy6d$');

print $password . " is the CRYPT_MD5 version of mypassword<br>";

$password = crypt('mypassword' , '$2a$07$kiuhgfslerd...........$');

print $password . " is the CRYPT_BLOWFISH version of mypassword<br>";

?>

This will output something like this:


d4/qPbCcJ5tD. is the CRYPT_STD_DES version of mypassword

k7xEagYCDPPSc is the CRYPT_EXT_DES version of mypassword

$1$d4juhy6d$a.jIPYnvne1FWF2V6mGQR0 is the CRYPT_MD5 version of mypassword

$2a$07$kiuhgfslerd...........6k0kSI76CqJ/RWGnSp9MWRDF91gJZfW is the CRYPT_BLOWFISH version of mypassword

tag:- crypt() funtion for data encryption in PHP

Labels:

Subscribe to: Posts (Atom)