Securely encoding information with PHP and decrypting it using JavaScript

I'm currently working with 2 servers.

My goal is to generate a pair of keys, store the private key in local storage, and send the public key to my PHP server.

The main objective is to encrypt data using the public key in PHP and decrypt it using JavaScript.

Any suggestions on what steps I should take?

I've already tried a few methods but haven't achieved the desired result with the (public key) [ and (private key) [https://github.com/travist/jsencrypt].

Thanks.

Update:

Goal: My aim is to securely send data from the PHP server to the client-side.

Updated Edit:

Is it safe to keep the private key in the PHP code and provide the public key to the client-side (JavaScript server node.js) when making calls? This would be for sending data from the node.js server to the PHP server... Is this method secure without using HTTPS??

Or if we implement HTTPS, would we not need to use this approach..??

Thanks

javascriptphpnode.jsrsapublic-key-encryption

Answer №1

If you're looking to securely transfer data from a PHP server to the client side, consider utilizing HTTPS for added protection.

The task you're attempting without HTTPS is quite challenging to execute correctly. Without HTTPS, your site visitors won't be able to verify who they are communicating with or trust the key generation and decryption processes. By implementing HTTPS, you're already ensuring safe transmission of data from the PHP server to the client side through encryption using private and public keys; additional encryption would not provide much benefit.

If the goal is to safeguard this sensitive information from other JavaScript running in the browser, extra layers of encryption will not enhance security as having the private key, encryption algorithm, and encrypted message stored in the browser is not necessarily safer than storing it in plain text.

Moreover, there's a high risk of errors in tasks such as key generation, distribution, encryption algorithms, and handling encrypted messages. Even if executed flawlessly, the outcome would likely be similar to what HTTPS already offers.

Do not underestimate the complexity involved - even well-intentioned OpenSSL and experienced developers struggle with this task, evident by the numerous CVE entries related to OpenSSL vulnerabilities.

Be sure to review this informative article:

  • JavaScript Cryptography Considered Harmful

Additionally, explore:

  • What’s wrong with in-browser cryptography?

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Scale transformation - I am aiming for it to exceed the limits, yet it remains contained within

Currently, I am working on enhancing my carousel by implementing a zoom effect when hovering over the images. However, I have encountered an issue where the image gets hidden within the div container and doesn't overflow as expected. I tried adjusting ...

javascriptcssreactjsnext.jssass

Android Device Testing with PHPUnit

After setting up a functional dev environment on my Android tablet, I am now looking to incorporate PHPUnit for running unit tests. Currently, I am utilizing Palapa Web Server with lighttpd 1.4.35 and php 5.5.15. Upon attempting to run php phpunit.phar - ...

phpandroidphpunit

PHP distributing empty sheets (possibly for website configuration)

Hey everyone! I've been struggling to set up a profile page on my website for the past week. Whenever I try to include PHP code or echoes in the content pages, I either get blank pages or encounter a 500 server error. My website is structured with a ...

phphtmlcss

Is it detrimental to my search engine ranking if I utilize CSS display:none?

Imagine having valuable content that is initially hidden with CSS, and then using javascript to reveal it only when the user clicks on certain links. Even users without javascript enabled can access this content by following the links to a new page where i ...

javascriptcssseo

Exploring the Depths of React by Cycling Through Arrays in Tabular Format

One issue I'm facing is that I have an array named paymentMethods which I'd like to iterate through in tabs. However, I seem to be struggling with the iteration part. To take a closer look at my code, please visit my codesandbox HERE <div& ...

javascriptreactjsarraysecmascript-6material-ui

How can I restrict access to localhost:3000 so that only my device can access it within the network?

Currently, I am utilizing express.js for hosting an HTTP server. Is there a method available to restrict access to port 3000 through my IP address for other devices on the network? ...

node.jsexpresshttp

The built-in functions of Wordpress are not able to be identified in the ajax PHP file

As a newcomer to Wordpress development, I am facing challenges with implementing ajax on my WordPress site. I am currently working on a plugin that requires the use of ajax. However, my php file (xxxecommerce.ajax.php) is not recognizing the built-in Word ...

javascriptphpjqueryajaxwordpress

Decoding JSON using JavaScript

I am dealing with a webservice that uses RestEasy to return a JSON object with a List element. When I try to parse the results in a JavaScript loop, everything works fine if there are two or more elements in the List. However, if there is only one element, ...

javajavascriptajaxjsonrest

Looking for Precise Matching within JSON Using JavaScript

I've been experimenting with creating a form that submits data and then checks it against a JSON array to see if there's a matching object already present. Here is a snippet of my JSON data for reference: [ { "ASIN":"B0971Y6PQ3 ...

javascriptarraysjsonfor-loopnested-for-loop

What is the best way to include a string in an Ajax GET request as a query parameter without it being encoded?

I've encountered an issue while trying to pass a list of subject IDs as query params in an Ajax get-request. The API expects the subjectId param to be either a single number or a string of numbers separated by commas. I have made sure that what I am s ...

javascriptjqueryajaxurl

Sharing AngularJs controllers between different modules can help streamline your

I'm facing an issue with trying to access an array from one controller in another controller. Despite simplifying the code for clarity, I still can't seem to make it work. Here is my first controller: app.controller('mycont1', [' ...

javascriptangularjsmodel-view-controller

Using the Table-multiple-sort feature in boostrap-table is not functioning properly when there are multiple tables present on a single page

I have implemented bootstrap-table along with the extension table-multiple-sort. The issue I am facing is when I include two tables on a single page (with the second table within a modal window), the multisort feature does not seem to work on the second ta ...

javascriptjquerytwitter-bootstraptwitter-bootstrap-3bootstrap-table

Exploring the power of jQuery closures and handling events like mouseover and mouseout

I'm currently grappling with the concept of utilizing closures in conjunction with jQuery event functions. The challenge I am facing involves creating rounded shapes on the screen that stop and fade when hovered over, then resume fading when the mous ...

javascriptjqueryeventsclosures

Load select box with options upon document load

After the document loads, I want to populate a select box with values from my database using ajax and jQuery. Can someone help me identify what's wrong with my code? <select class="form-control sec" id="sec" name="sec"> <option value="s ...

javascriptphpjqueryajax

Error: Property 'config' cannot be accessed because it is null

Upon transferring my Angular project from my local computer to a Linux server, I attempted to launch the project using ng serve but encountered an issue where it opened a new file in the console editor instead. After some investigation, I tried running np ...

javascriptangularjsnode.jsubuntunpm

jQuery DataTables covering a CSS-anchored menu bar

My webpage has a pinned navigation menu bar at the top and some tables with interactive features using jQuery's DataTables. However, after implementing jQuery, I encountered an issue where the tables cover the menu when scrolling down, making it uncli ...

javascriptjqueryhtmlcssdatatable

Downloading a file utilizing Selenium through the window.open method

I am having trouble extracting data from a webpage that triggers a new window to open when a link is clicked, resulting in an immediate download of a csv file. The URL format is a challenge as it involves complex javascript functions called via the onClick ...

javascriptpythonseleniumscreen-scraping

Using Firebase with Angular 4 to fetch data from the database and show it in the browser

Currently diving into Angular 4 and utilizing Firebase database, but feeling a bit lost on how to showcase objects on my application's browser. I'm looking to extract user data and present it beautifully for the end-user. import { Component, OnI ...

javascriptangulartypescriptfirebasefirebase-realtime-database

What is the process for arranging multiple text boxes beside a radio button upon selection?

Displayed below is the HTML code for a page featuring three radio buttons- <html> <body> <form> <input type="radio" name="tt1" value="Insert" /> Insert<br /> <input type="radio" name="tt2" value="Update" /> Update<b ...

javascripthtmlformstextbox

How to manually trigger the ajaxLoader feature in Tabulator version 3.5

Currently, I am working with version 3.5 of Tabulator from . When populating the table using an ajax request, a "loading icon" is displayed during the loading process. Prior to executing the ajax request for Tabulator, I perform some preliminary check op ...

javascriptajaxtabulator