Security Considerations

There are two types of
Chapter 4 Web Application Concepts

Another advantage is that public-key systems can provide digital signatures, in which a user signs his message with his private key. Secret-key cryptography, on the other hand, would require a central database with copies of all secret keys of a system to allow digital signatures; Kerberos uses this method, for example. Of course, a central point with critical data is always a source of risk.

A potential disadvantage is performance; many secret-key algorithms are significantly faster than public-key systems.

Public-key cryptography isn't meant to replace secret-key cryptography; in some situations, public-key cryptography is unnecessary and secret-key cryptography alone is sufficient. When storing data on the server, for example, you'll probably use single-key cryptography. Because there are no distinct users in this scenario and the system knows the key for encrypting and decrypting, there's not much advantage to having a public and a private key. To transfer data to a remote system, on the other hand (for example, when sending orders from an online shop via email), public-key cryptography is preferred, as sender and recipient are two different users, communicating over an insecure channel.

The Standard in Encryption: Pretty Good Privacy (PGP)

Unfortunately, PHP doesn't yet include support for Pretty Good Privacy (PGP). As there are some Open Source alternatives readily available (for example, Gnu Privacy Guard (www.gnupg.org)), we're sure that this is only a matter of time. Meanwhile, we've developed the basic class shown in Listing 4.4 to interface a command-line version of PGP. This class allows you to encrypt, decrypt, and sign files or strings with PGP 6.5.1.

Listing 4.4 PHP interface to PGP 6.5.1.
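class pgp
{
    var $pgp_bin = "/usr/bin/pgp";  // Path to PGP binary
    var $tmp_path = "/tmp";         // Path where temporary files are stored
    var $error;                     // Used to store the last error message

    // PHP 4-style constructor (same name as the class)
    function pgp()
    {
        // Check if the PGP binary exists
        if(!file_exists($this->pgp_bin))
        {
            $this->error = "PGP binary file ".$this->pgp_bin." does not exist.\n";
            return(false);
        }

        // Check if the PGP binary is actually executable
        if(!is_executable($this->pgp_bin))
        {
            // The listing is cut off at this point on the page; this branch is
            // closed by analogy with the check above (assumed, not original).
            $this->error = "PGP binary file ".$this->pgp_bin." is not executable.\n";
            return(false);
        }
    }
}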
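
The same kind of wrapper for GnuPG, the open-source alternative the text mentions, as an added example that is not part of the book's Listing 4.4: the command is handed to proc_open() as an argument array and the data travels over pipes, so no shell parses the recipient and no plaintext is written under /tmp. It assumes PHP 7.4 or later, a gpg binary at /usr/bin/gpg, and a recipient public key already in the keyring; gpg_encrypt() and orders@example.com are hypothetical names.

```php
<?php
// Added example, not the book's Listing 4.4. Assumes PHP 7.4+, GnuPG at
// /usr/bin/gpg and the recipient's public key already in the keyring.
// gpg_encrypt() and orders@example.com are hypothetical names.
function gpg_encrypt(string $plaintext, string $recipient, string $gpgBin = '/usr/bin/gpg'): array
{
    if (!is_executable($gpgBin)) {
        return [false, "GnuPG binary $gpgBin is missing or not executable."];
    }
    // Defensive check: refuse a recipient that looks like a command-line option.
    if ($recipient === '' || $recipient[0] === '-') {
        return [false, 'Invalid recipient.'];
    }
    // An argument array makes proc_open() start the binary directly, so no
    // shell ever interprets the recipient string.
    $cmd = [$gpgBin, '--batch', '--no-tty', '--armor', '--encrypt', '--recipient', $recipient];
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $proc = proc_open($cmd, $spec, $pipes);
    if (!is_resource($proc)) {
        return [false, 'Could not start GnuPG.'];
    }
    // Plaintext goes in on stdin, ciphertext comes back on stdout; nothing is
    // written to a temporary file. Sized for short messages such as an order.
    fwrite($pipes[0], $plaintext);
    fclose($pipes[0]);
    $ciphertext = stream_get_contents($pipes[1]);
    $stderr = stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    // A non-zero exit status (unknown key, untrusted key, ...) is an error.
    if (proc_close($proc) !== 0) {
        return [false, trim($stderr)];
    }
    return [true, $ciphertext];
}

// Constructed sample order and placeholder recipient.
[$ok, $result] = gpg_encrypt("Order 1001: 2 x widget\n", 'orders@example.com');
echo $ok ? $result : "Encryption failed: $result\n";
```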