Appendix C. Cryptography


In a book about security, cryptography is an expected topic. I have chosen to neglect cryptography in the majority of the book because its purpose is narrow, and developers need to pay attention to the big picture. Relying on encryption is often a red herring. It serves its purpose well, but encrypting something doesn't magically make an application secure.

The key types of cryptography with which a PHP developer should be familiar are as follows:

  • Symmetric cryptography

  • Asymmetric (public key) cryptography

  • Cryptographic hash functions (message digests)

  • Message authentication codes (MACs)

The majority of this appendix focuses on symmetric cryptography using the mcrypt extension. Other good resources that you should review are as follows:

  • Applied Cryptography, by Bruce Schneier (Wiley)

  • http://www.schneier.com/blog/

  • http://wikipedia.org/wiki/Cryptography

  • http://phpsec.org/articles/2005/password-hashing.html

  • http://pear.php.net/package/Crypt_HMAC

  • http://pear.php.net/package/Crypt_RSA




Essential PHP Security
ISBN: 059600656X
EAN: 2147483647
Year: 2005
Pages: 110
