On Thu, Feb 08, 2007 at 09:13:48AM +0100, Olivier Boissard wrote: > I was thinking about a system in which only the php programs will be > able to manage stored informations. In case of theft or unexpected > access to servers nobody could be able to retrieve the stored data > without the authorized key. What about theft or compromise of the server running the PHP code? In general it's a good idea to encrypt and decrypt as close to where the cleartext is needed to limit exposure, but you should also consider the vulnerability of the system that holds the key. For some applications it might make sense to use public-key encryption with the exposed (e.g., Internet-facing) server having only the public (encryption) key and a more protected backend server having the corresponding private (decryption) key. Without knowing the requirements and the threat model it's impossible to suggest a suitable solution. Can you be more specific about what you're trying to do? -- Michael Fuhr
