How to Secure Data Transmission with PHP: HTTPS, Symmetric and Asymmetric Encryption

With the continuous development of the Internet, the security of data transmission has become a constantly concerned topic. Unencrypted data can be easily intercepted, leading to privacy leaks or data tampering, so encryption is essential.

1. Use HTTPS

HTTPS is an HTTP protocol secured by SSL/TLS, adding an encryption layer between HTTP and TCP to ensure safe data transmission. Using HTTPS can effectively prevent man‑in‑the‑middle attacks and data theft. In PHP‑based websites, you can enable HTTPS by configuring the server and site.

2. Use Symmetric Encryption Algorithms

Symmetric encryption uses the same key for encryption and decryption. PHP can employ common symmetric algorithms such as AES, DES, and 3DES. Both parties must agree on the key in advance and keep it secure.

Example code for symmetric encryption in PHP:

$key = "密钥"; // key
$data = "待加密数据"; // data to encrypt

// encrypt
$encryptedData = openssl_encrypt($data, 'AES-128-ECB', $key, OPENSSL_RAW_DATA);

// decrypt
$decryptedData = openssl_decrypt($encryptedData, 'AES-128-ECB', $key, OPENSSL_RAW_DATA);

3. Use Asymmetric Encryption Algorithms

Asymmetric encryption uses a key pair: a public key for encryption and a private key for decryption. The sender encrypts with the public key, and the receiver decrypts with the private key, eliminating the need to transmit the private key.

PHP can use the OpenSSL extension for asymmetric encryption. Example code:

// generate key pair
$config = array(
    "digest_alg" => "sha512",
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA
);
$res = openssl_pkey_new($config);
openssl_pkey_export($res, $privateKey);
$publicKey = openssl_pkey_get_details($res)["key"];

$data = "待加密数据"; // data to encrypt

// encrypt
if (openssl_public_encrypt($data, $encryptedData, $publicKey)) {
    // decrypt
    if (openssl_private_decrypt($encryptedData, $decryptedData, $privateKey)) {
        echo $decryptedData;
    }
}

By applying these three methods—HTTPS, symmetric encryption, and asymmetric encryption—you can ensure secure communication in PHP applications. Remember to manage keys securely and rotate them regularly to further enhance transmission security.