On Wednesday 19 November 2003 09:43 am, Ray wrote:
> I want to do two-way encryption on a file coming through the web server. 
> In this context, I would want to generate a public and private key, encrypt

Do you have any idea how much time (and entropy) is required to create a 
reasonably strong keypair?

> the file stream (i.e., don't want to write the unencrypted file to disk

That's virtually impossible with modern operating systems. They are mysterious 
beasts that will often write data to hard drive when you don't want it to. 
Swap files are a particularly good example of how it happens.

> first and then encrypt it; I want to encrypt the stream as it comes in)
> with the public, send the private to the recipient, and then destroy both
> keys on my end.

You can play with popen and pipes (even named pipes could be useful), but 
seriously there's going to be data written to disk. IMHO you'd be much better 
off just writing the data in a predictable manner, then using something like 
THC's SecureDelete.

>
> When the file was accessed and the private key was provided, I would want
> to stream the unencrypted file out without ever writing the unencrypted
> file to disk.

man gpg
(hint: -o or --output)

>
> Any ideas on how to accomplish this within the PHP construct?

man gpg

Now, where exactly do you gain security over using a symmetric-key system? 
You're really just forcing the user to save the passphrase and private key... 
Just encrypt the file with AES/Twofish/IDEA/3DES/ad/nauseam, and tell the 
user the passphrase.

Furthermore, all the encrypted storage in the world isn't going to do you much 
good when you're transmitting stuff in cleartext. Someone is going to fire up 
dsniff/snort/whatever and get all the goods without ever bothering to break 
into your box.

I don't know what problem you're trying to solve, so I won't suggest an 
alternative course of action, but if you'd like to send your problem to the 
list, I (and probably others) would be happy to suggest alternatives.

>
> Thanks!

-- 
Evan Nemerson
[EMAIL PROTECTED]
http://coeusgroup.com/en

--
"The public have an insatiable curiosity to know everything. Except what is 
worth knowing. Journalism, conscious of this, and having tradesman-like 
habits, supplies their demands."

-Oscar Wilde

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
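
An added example, not part of the original message: the pipe-plus-gpg approach the reply points to, combined with its symmetric-passphrase suggestion, so that PHP itself only ever writes ciphertext. It assumes PHP 7.4+ and GnuPG 2.1+ on a Unix-like host; `encryptStream` and the output path are hypothetical names.

```php
<?php
declare(strict_types=1);

/**
 * Stream $in through `gpg --symmetric`; only ciphertext reaches $outPath.
 * Returns true on success; on any failure the partial output is removed.
 */
function encryptStream($in, string $outPath, string $passphrase): bool
{
    $cmd = [
        'gpg', '--batch', '--yes', '--pinentry-mode', 'loopback',
        '--passphrase-fd', '3',           // passphrase arrives on fd 3, not argv
        '--symmetric', '--cipher-algo', 'AES256',
        '--output', $outPath,             // the -o / --output option from the reply
    ];
    $spec = [
        0 => ['pipe', 'r'],               // plaintext goes in here
        2 => ['file', '/dev/null', 'w'],  // drop diagnostics, rely on exit status
        3 => ['pipe', 'r'],               // passphrase goes in here
    ];
    $proc = proc_open($cmd, $spec, $pipes); // array form: no shell involved
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start gpg');
    }
    fwrite($pipes[3], $passphrase . "\n");
    fclose($pipes[3]);

    $ok = true;
    while (!feof($in)) {
        $chunk = fread($in, 65536);
        if ($chunk === false) { $ok = false; break; }
        for ($off = 0; $off < strlen($chunk); $off += $n) {   // handle short writes
            $n = fwrite($pipes[0], substr($chunk, $off));
            if ($n === false || $n === 0) { $ok = false; break 2; }
        }
    }
    fclose($pipes[0]);                    // EOF lets gpg finish the file
    $status = proc_close($proc);
    if (!$ok || $status !== 0) { @unlink($outPath); return false; }
    return true;
}

if (PHP_SAPI === 'cli') {
    // Constructed demo input standing in for an incoming request body.
    $in = fopen('php://memory', 'w+b');
    fwrite($in, "constructed sample data\n");
    rewind($in);
    $pass = bin2hex(random_bytes(32));    // hand this to the recipient out of band
    $out  = sys_get_temp_dir() . '/upload-demo.gpg';  // hypothetical path
    echo encryptStream($in, $out, $pass) ? "wrote $out\n" : "encryption failed\n";
}
```

In a web handler the input would be `fopen('php://input', 'rb')`, which only covers raw request bodies: PHP spools `multipart/form-data` uploads to a temporary file before the script runs. The swap-file caveat from the reply still applies to the buffers used here.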
