PHP Classes

This package does NOT encrypt data.

Recommend this page to a friend!

      Cryptonita  >  All threads  >  This package does NOT encrypt data.  >  (Un) Subscribe thread alerts  
Subject:This package does NOT encrypt data.
Summary:Package rating comment
Messages:3
Author:John Conde
Date:2023-10-26 12:30:40
 

John Conde rated this package as follows:

Utility: Bad
Consistency: Not sure
Documentation: Insufficient
Examples: Insufficient
Tutorial videos: Insufficient

  1. This package does NOT encrypt data.   Reply   Report abuse  
Picture of John Conde John Conde - 2023-10-26 12:30:40
This package does NOT encrypt data. It HASHES it. They are not the same thing. Data can only be hashed and is not reversible. This means once you hash it you cannot get that data back out!

It also uses poor security practices as the hash is hardcoded into the package. This should be unique for all sites and, even more importantly, all hashes. By making the key hardcoded and public bad actors can attack encrypted data with a rainbow table attack.

This package does not work, and if used anyway, is insecure. It should not be used.

  2. Re: This package does NOT encrypt data.   Reply   Report abuse  
Picture of Rodrigo Faustino Rodrigo Faustino - 2023-10-27 00:47:16 - In reply to message 1 from John Conde
It seems like you didn't understand the purpose of the package, it is for asymmetric encryption, where it hides the data in the database and shows it in the application, and the key can be composed by other methods at the discretion of the owner of the website or application, you are right when symmetric encryption cannot be reversed, but the purpose of asymmetric is to enable reversal

  3. Re: This package does NOT encrypt data.   Reply   Report abuse  
Picture of Rodrigo Faustino Rodrigo Faustino - 2023-10-27 00:52:33 - In reply to message 2 from Rodrigo Faustino
sorry for the error in translation when I wrote symmetrical with a key it appeared asymmetrical which is used public and private key, in "symmetrical" it uses a single key to encrypt and describe and this single key must be kept safe, so the owner of the site can use their key protection methods, but I reaffirm that the purpose is only to hide the data in the database