After I encrypt “myText”, can I decrypt it?
The code below in the manual doesn’t explain about decrypt.
<?php
$crypted=crypt('myText');
?>
[B]
[/B]
Note: There is no decrypt function, since crypt() uses a one-way algorithm.
What are you trying to accomplish with encryption here? Crypt and hash algorithms such as SHA-1 and MD5 are one-way hash algorithms that cannot be reversed. These algorithms are useful in situations such as guaranteeing the integrity of a file or message by generating a hash and sending it along in an encrypted message.
They are also commonly used to generate hashes of plaintext passwords and stored in a database as a hash value.
Is there any algorithms which can be reversed?
http://www.php.net/manual/en/function.base64-encode.php
Also alternative function for base64_decode.
Pretty insecure also.
Do you mean any hash algorithms that are reversible? If that is your question, then the answer is no. Generally speaking, a hash algorithm is a function that takes in any length of data (a password, or a file), and spits out a fixed length output. This output value is meant to be a UNIQUE value for the given input. One commonly generates the hash algorithm of a file to check if it has been changed, because even the tiniest change of the input will cause a very different output.
For example, I have an executable file, and I generate the hash algorithm. I then put it online for download and put the hash algorithm up for all to view. Then, if someone downloads my executable file from a different website, they can generate the hash algorithm of it and see if it matches the hash algorithm I posted on my website, thus proving that it has been unchanged, and is the same file.
NOW, because hash algorithms produce a fixed length output, there is a possibility that multiple different inputs can generate the SAME hash value output. This is why MD5 has been deemed unsafe and broken. It is suggested to use SHA-1 over MD5 because the fixed-length value output is 40 bit as opposed to MD5’s 32 bit.
Hope I make sense.
Actually, SHA-1 is also partially broken. SHA-256 and higher are recommended.
Anyway, this is divergent from the original topic - the author wants something that he can use to encrypt and decrypt information with. mcrypt is good, if the extension is enabled on the web host. AES (Rijndael) is the current standard.
That has nothing whatever to do with encryption. Base 64 encoding converts all characters to only use 6 of the 8 bits so that the remaining two can be set to standard values (presumably one to 1 and the other to 0) so that when the digital signal is converted to analog that it will remain within the allowable frequency range for transmission and will not end up with a continuous string of ones or zeros that is so long that the frequency ends up outside of the range that the line can handle and so gets lost.
Base 64 is not insecure because it has nothing whatever to do with security. Saying that base 64 is insecure is like saying that your swimming pool does a poor job of keeping you dry when it is raining.
Similarly there are no security issues with any of the hashing algorithms when they are used correctly for their intended purpose. To use a hashing algorithm you hash the content to be sent, send both the content and the hash, the recipient then hashes the content again and compares that hash to the one sent. If they are both the same then the content has not been changed since the first hash was produced. If they are different then ask for the message to be resent because it has been changed along the way. It is only when you use a hash for some other purpose for which it wasn’t originally intended that it may have security issues.
The function that PHP provides for encryption is mcrypt.