BestHub
Sign in
Information Security 4 min read

How to Secure Data Transmission with PHP: HTTPS, Symmetric and Asymmetric Encryption

This article explains why encrypting data transmission is essential, then demonstrates how to secure PHP-based communications using HTTPS, symmetric algorithms such as AES, and asymmetric encryption with OpenSSL, including complete code examples and key management tips.

php中文网 Courses
php中文网 Courses
php中文网 Courses
How to Secure Data Transmission with PHP: HTTPS, Symmetric and Asymmetric Encryption

With the growth of the Internet, protecting data transmission has become a critical concern because unencrypted traffic can be intercepted, leading to data leakage or tampering.

PHP, a widely used server‑side language, offers several ways to encrypt data in transit. This guide covers three main methods.

1. Use HTTPS

HTTPS, built on the SSL/TLS protocol, adds an encryption layer between HTTP and TCP, preventing man‑in‑the‑middle attacks and data theft. PHP sites can enable HTTPS by configuring the web server and obtaining a valid certificate.

2. Use symmetric encryption algorithms

Symmetric algorithms such as AES, DES, and 3DES use the same key for encryption and de‑cryption. The following PHP code shows how to encrypt and decrypt data with AES‑128‑ECB using openssl_encrypt and openssl_decrypt .

$key = "密钥"; // key
$data = "待加密数据"; // data to encrypt

// encrypt
$encryptedData = openssl_encrypt($data, 'AES-128-ECB', $key, OPENSSL_RAW_DATA);

// decrypt
$decryptedData = openssl_decrypt($encryptedData, 'AES-128-ECB', $key, OPENSSL_RAW_DATA);

3. Use asymmetric encryption algorithms

Asymmetric encryption uses a public‑private key pair; the sender encrypts with the public key and the receiver decrypts with the private key, eliminating the need to share secret keys. PHP’s OpenSSL extension can generate keys and perform encryption/decryption as shown below.

// generate key pair
$config = array(
    "digest_alg" => "sha512",
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA
);
$res = openssl_pkey_new($config);
openssl_pkey_export($res, $privateKey);
$publicKey = openssl_pkey_get_details($res)["key"];

$data = "待加密数据";

// encrypt
if (openssl_public_encrypt($data, $encryptedData, $publicKey)) {
    // decrypt
    if (openssl_private_decrypt($encryptedData, $decryptedData, $privateKey)) {
        echo $decryptedData;
    }
}

By applying HTTPS, symmetric encryption, or asymmetric encryption—and by managing keys securely and rotating them regularly—developers can ensure the confidentiality, integrity, and authenticity of data transmitted by PHP applications.

PHPEncryptionOpenSSLHTTPSasymmetric encryptionSymmetric Encryption
php中文网 Courses
Written by

php中文网 Courses

php中文网's platform for the latest courses and technical articles, helping PHP learners advance quickly.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment