1
Is there a package i can use that allows me to type my text in a browser, hit save and have it save in AES before sending to a server?
And allow the server to be control by me (my local machine or box i setup)?
I like this But it outputs base64 (it should be easy enough to modify) and i'll have to write much code to get a file list, save,load, delete etc.
1
Your're doing it the hard way.
Since you intend for the server to be on your local machine (or a different machine of yours locally). The text will exist in plaintext:
If your local machine is compromised, the best encryption in the world doesn't protect you. Edit the file locally using your favorite editor and encrypt it locally with your encryption of choice. It beats having to re-invent two wheels.
If you are doing this as an academic exercise, have fun, but some random blogger's PHP implementation of AES is best not trusted unless you've reviewed the code for holes yourself and have tested its output against a reference AES for many inputs. I'm not assuming malice on the PHP author's side, just that the smallest defect in cryptographic software tends to make it useless.
msw
Posted 2010-06-24T00:26:22.297
Reputation: 3 287
I am not worried about it being accessed locally. Just having the plaintext transmitted or to a compromised server receiving not yet encrypted data worries me. Also doesnt 1. exist no matter the situation? – None – 2010-06-24T02:27:07.413
1Well 1, 2, and 3, always obtain: compromised machine is compromised. My point was that implementing your own crypto is usually incorrect and there are already great editors and crypto out there for all platforms, probably even android phones for all I know. – msw – 2010-06-24T03:03:20.437
From the site using output results it looks like it is implemented correctly. I plan to test against .NET version of AES. However the question is about if there is an existing solution. – None – 2010-06-30T18:57:10.753
1
Why not SSL? Really?
It responds to most of your query (i.e., "encryption before sending to server?"). There are also lots of free pre-made or easily-compiled packages for all platforms, as well as self-signed certificate providers (or you could generate one yourself if it's just for you). Is there a reason you particularly want to use AES, for some sort of project?
msanford
Posted 2010-06-24T00:26:22.297
Reputation: 682
at least i do not get the idea behind it. whats the real problem you want to get solved? – akira – 2010-06-30T15:11:06.400
I am trying to have data saved on a website/remote location without any chance of the remote location decrypting my data. – None – 2010-06-30T18:58:14.997