I am trying to figure out an approach for encrypting files for other users using a PHP interface, while keeping their password private from system administrators (similar to Dropbox). I basically need to store files for users, yet keep their passwords unknown. Any suggestions?
I do not need to obfuscate the PHP code. I need to encrypt files uploaded via a PHP interface and ensure admins do not have access to the files.
Ethan Whitt
2010-09-25 08:39:53
A:
Use base_64 encoding with a private key.
http://php.net/manual/en/function.base64-encode.php
Check the User Contributed Codes on the page for using a custom key and salting for additional security
Sandy
2010-09-25 08:39:52
-1 Base64 is an encoding algorithm and can't be used for encryption
NullUserException
2010-09-25 08:58:59
but wont encoding with a secret key result in encryption. if I am wrong please do correct me, I am now little confused
Sandy
2010-09-25 09:31:27
@Sandy [Base64](http://en.wikipedia.org/wiki/Base64) takes no keys. It was designed to be a way to safely encode and transmit binary data across unsafe medium (like email), not an encryption scheme.
NullUserException
2010-09-25 15:41:50
A:
The answer depends on who puts files, who encrypts them and who collects them. In general, public-key cryptography (PKI) works better when you need to encrypt the file for somebody else. Shared-secret schemes (including password-based ones) are worse. With PKI the recipient gives you his public key and keeps the private key in secret. You encrypt the file for the recipient using his public key and only that recipient can decrypt it as the private key is needed for decryption.
You can do PKI encryption using OpenPGP technology or using X.509 certificates. In first case you need GnuPG or some PGP library for PHP. In second case you can use OpenSSL.
Eugene Mayevski 'EldoS Corp
2010-09-25 09:10:47