BestHub
Sign in
Information Security 4 min read

How to Secure Data Transmission with PHP: HTTPS, Symmetric and Asymmetric Encryption

This article explains why encrypting data transmission is essential, then demonstrates how to secure PHP-based communications using HTTPS, symmetric algorithms such as AES, and asymmetric encryption with OpenSSL, including complete code examples and key management tips.

php Courses
php Courses
php Courses
How to Secure Data Transmission with PHP: HTTPS, Symmetric and Asymmetric Encryption

With the growth of the Internet, protecting data transmission has become a critical concern because unencrypted traffic can be intercepted, leading to data leakage or tampering.

PHP, a widely used server‑side language, offers several ways to encrypt data in transit. This guide covers three main methods.

1. Use HTTPS

HTTPS, built on the SSL/TLS protocol, adds an encryption layer between HTTP and TCP, preventing man‑in‑the‑middle attacks and data theft. PHP sites can enable HTTPS by configuring the web server and obtaining a valid certificate.

2. Use symmetric encryption algorithms

Symmetric algorithms such as AES, DES, and 3DES use the same key for encryption and de‑cryption. The following PHP code shows how to encrypt and decrypt data with AES‑128‑ECB using openssl_encrypt and openssl_decrypt.

$key = "密钥"; // key
$data = "待加密数据"; // data to encrypt

// encrypt
$encryptedData = openssl_encrypt($data, 'AES-128-ECB', $key, OPENSSL_RAW_DATA);

// decrypt
$decryptedData = openssl_decrypt($encryptedData, 'AES-128-ECB', $key, OPENSSL_RAW_DATA);

3. Use asymmetric encryption algorithms

Asymmetric encryption uses a public‑private key pair; the sender encrypts with the public key and the receiver decrypts with the private key, eliminating the need to share secret keys. PHP’s OpenSSL extension can generate keys and perform encryption/decryption as shown below.

// generate key pair
$config = array(
    "digest_alg" => "sha512",
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA
);
$res = openssl_pkey_new($config);
openssl_pkey_export($res, $privateKey);
$publicKey = openssl_pkey_get_details($res)["key"];

$data = "待加密数据";

// encrypt
if (openssl_public_encrypt($data, $encryptedData, $publicKey)) {
    // decrypt
    if (openssl_private_decrypt($encryptedData, $decryptedData, $privateKey)) {
        echo $decryptedData;
    }
}

By applying HTTPS, symmetric encryption, or asymmetric encryption—and by managing keys securely and rotating them regularly—developers can ensure the confidentiality, integrity, and authenticity of data transmitted by PHP applications.

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

encryptionOpenSSLHTTPSasymmetric encryptionsymmetric encryption
php Courses
Written by

php Courses

php中文网's platform for the latest courses and technical articles, helping PHP learners advance quickly.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment