On 2008-09-21 14:32, Semnan Web Administrator wrote:
the key of the cryption is the optional and will be change. for
example can be a hash of the client HTTP_USER_AGENT and REMOTE_ADDR
and more... as the same key.
if you want to put the secure data in the normal page it's useful
method.
what your mean?
My point is that as long as you are sending the key along with the
cyphertext, the "secure" data can be decrypted by anyone listening in on
the traffic. Even if you're using something other than PHP's session ID,
you have to tell the JavaScript client the algorithm and the key
somehow. This information can be intercepted and used to read the
encrypted content. And we _have_ to assume that someone is potentially
intercepting the traffic - if that were impossible, there would be no
point in encrypting the transmissions in the first place.
To be perfectly clear, if you're planning on sending sensitive
information between a server and a web browser, use SSL/TLS. If you
can't use a secure connection, don't send sensitive information.
The only way I could think of would be to let the user supply a secret
password (which would also be stored on the server). The problem with
that approach is that your scripts could be altered by an attacker
sitting between the server and the client (to include any one of a
million ways to get to the sensitive information). As far as I know,
this cannot be effectively prevented, except maybe with signed scripts.
Unfortunately, you'd need the browser to check the signature of the
whole page and all of the scripts; you can't do these checks with
JavaScript without running into exactly the same problem (altered or
injected scripts). Fortunately, there is a way to let the browser check
the signature and the integrity of the contents: SSL/TLS :-)
I hope this explains the problem a little better.
- Conrad