Client Side Encryption For Form Data

Results 1 to 5 of 5

Thread: Client Side Encryption For Form Data

  1. #1
    Join Date
    Dec 1969

    Default Client Side Encryption For Form Data

    I have read and implemented the VernumCipher found in the article "Encryption With ASP" on ( What I need to be able to do is encrypt the form data client side to send it securely back to the server there to be decrypted and stored in a database. Can anyone give any tips on some code that might do this?<BR><BR>If you want to send something directly to me, send it to<BR><BR>Thanks

  2. #2
    toby_2 Guest

    Default RE: Client Side Encryption For Form Data

    I was playing around a prospective client&#039s site recently that implemented a client side encryption. And it was very elegant. The source code that is.<BR><BR>I don&#039t see a way to hide a generic encryption that can be performed on the client, as the source will always be available.<BR><BR>You could generate a random key each time the page is built, sounds like hefty work, or you could just use SSL, which does the job for you.<BR><BR>

  3. #3
    Christiaan Verwijs Guest

    Default RE: Client Side Encryption For Form Data

    You solve this problem in several ways. The &#039easy&#039 way is SSL. I&#039m sure that someone else will post a reply concerning this topic :) i will focus on another more difficult way (because you can&#039t always use SSL).<BR><BR>What i did was download the source-code for the RSA-encryption from and use that to write two scripts: a client-side script and a server-side script. RSA is an encryption that uses two keys: a private and a public key. The public key is hard-coded into the client-script and the private key or stored on the server. <BR><BR>When the visitor hits the &#039submit&#039 button on the site, the client-script encodes the data with the public key. The entire encoded form-data is send to the server where it is decrypted using the private key. This method is quite difficult because you have to write two scripts: one for the client and one for the server. I have used a VBscript for the client, but in most cases i think you want to use JScript because it is compatible with Netscape. However, i really don&#039t know how to convert a encryption-algorithm to JScript. <BR><BR>The advantage of this method: it&#039s very safe and you know exactly what&#039s going on. Instead of hard-coding the keys, you can even chose to use a script that changes both keys every X hours making it very difficult for people to hack your site (unless they hack the database of course).

  4. #4
    Quang Nguyen Guest

    Default RE: Client Side Encryption For Form Data

    Can you please tell me if the key you used in your script is 64 bits or bigger? I&#039m looking for some source code that use the key length more than 64 bits, but i couldn&#039t find any. Does any one have any idea?<BR><BR>Thanks in advance.<BR><BR>Quang

  5. #5
    Christiaan Verwijs Guest

    Default RE: Client Side Encryption For Form Data

    I use a 64-bit key. I&#039m pretty sure that the script i have supports 128-bit keys though (i don&#039t recommend it, doesn&#039t make your application very fast, especially with the slow RSA)<BR><BR>You can find the script i&#039m using at Go to their ASP-section and search for &#039encryption&#039.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts