148 Chapter 4 Web Application Concepts
Another advantage is that public-key systems can provide digital signatures, in
which a user signs his message with his private key. Secret-key cryptography, on the
other hand, would require a central database with copies of all secret keys of a system
to allow digital signatures—Kerberos uses this method, for example. Of course, a central
point with critical data is always a source of risk.
A potential disadvantage is performance; many secret-key algorithms are significantly
faster than public-key systems.
Public-key cryptography isn’t meant to replace secret-key cryptography; in some
situations, public-key cryptography is unnecessary and secret-key cryptography alone is
sufficient. When storing data on the server, for example, you’ll probably use single-key
cryptography. Because there are no distinct users in this scenario and the system knows
the key for encrypting and decrypting, there’s not much advantage to having a public
and a private key. To transfer data to a remote system, on the other hand (for example,
when sending orders from an online shop via email), public-key cryptography is preferred,
as sender and recipient are two different users, communicating over an insecure
channel.
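The two scenarios above, as an added example that is not from the book: a single secret key for data stored on the server, and public-key encryption plus a digital signature for an order sent to a remote recipient. It assumes PHP 7.2 or later with the sodium extension; the function names, the sample order and the key holders are constructed for illustration.

```php
<?php
// Added example (not the book's code). Requires PHP >= 7.2 with ext-sodium.
// Function names and the sample order are constructed for illustration.

// Case 1: data stored on the server. One party, one secret key.
function store_encrypt(string $plain, string $key): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return $nonce . sodium_crypto_secretbox($plain, $nonce, $key);
}

function store_decrypt(string $blob, string $key): string
{
    $nonce = substr($blob, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $body  = substr($blob, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($body, $nonce, $key);
    if ($plain === false) {
        throw new RuntimeException('stored record failed authentication');
    }
    return $plain;
}

// Case 2: order sent to a remote recipient over an insecure channel.
// The shop signs with its private key, then encrypts to the recipient's public key.
function send_order(string $order, string $recipientPublic, string $shopSignSecret): string
{
    $signed = sodium_crypto_sign($order, $shopSignSecret);
    return sodium_crypto_box_seal($signed, $recipientPublic);
}

// Only the holder of the recipient key pair can decrypt; the shop's public key checks the signature.
function receive_order(string $sealed, string $recipientKeypair, string $shopSignPublic): string
{
    $signed = sodium_crypto_box_seal_open($sealed, $recipientKeypair);
    $order  = ($signed === false) ? false : sodium_crypto_sign_open($signed, $shopSignPublic);
    if ($order === false) {
        throw new RuntimeException('order rejected: decryption or signature check failed');
    }
    return $order;
}

$order    = "order=1001;item=book;qty=2";      // constructed sample
$storeKey = sodium_crypto_secretbox_keygen();  // known only to the server
var_dump(store_decrypt(store_encrypt($order, $storeKey), $storeKey) === $order);

$recipient = sodium_crypto_box_keypair();      // generated by the remote recipient
$shop      = sodium_crypto_sign_keypair();     // generated by the shop
$sealed = send_order($order, sodium_crypto_box_publickey($recipient), sodium_crypto_sign_secretkey($shop));
var_dump(receive_order($sealed, $recipient, sodium_crypto_sign_publickey($shop)) === $order);
```
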
The Standard in Encryption: Pretty Good Privacy (PGP)
Unfortunately, PHP doesn’t yet include support for Pretty Good Privacy (PGP). As
there are some Open Source alternatives readily available (for example, GNU Privacy
Guard, www.gnupg.org), we’re sure that this is only a matter of time. Meanwhile, we’ve
developed the basic class shown in Listing 4.4 to interface with a command-line version of
PGP. This class allows you to encrypt, decrypt, and sign files or strings with PGP 6.5.1.
Listing 4.4 PHP interface to PGP 6.5.1.
class pgp
{
    var $pgp_bin = "/usr/bin/pgp"; // Path to PGP binary
    var $tmp_path = "/tmp"; // Path where temporary files are stored
    var $error; // Used to store the last error message

    function pgp()
    {
        // Check if the PGP binary exists
        if(!file_exists($this->pgp_bin))
        {
            $this->error = "PGP binary file ".$this->pgp_bin." does not exist.\n";
            return(false);
        }
        // Check if the PGP binary is actually executable
        if(!is_executable($this->pgp_bin))
        {