2

I am doing an HTTP Post from Android like:

http://abc.com/[email protected]&device=A123456789

PHP receives the request does what it is supposed to and sends the response back to Android.

It works as expected. But I want to encrypt the parameter values for user= and device= from my Android code and then transmit the request. On the other hand when the request is received at the server by the PHP, I want to decrypt the parameters and then do what the PHP is doing.

What would be a recommended method of doing this?

Improve this question

2 Answers 2

Reset to default
2

You can use Bouncy Castle or javax.crypto namespace for Java in Android

and in PHP you can use the mcrypt function

Make sure you use the SAME...

  1. Cryptographic Algorithm
  2. Mode of Operation
  3. Key Size
  4. Padding (Optionally)
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

If you are not worried about your data being decrypted you can use a own crypt algorithmic, since most users will not know what are your doing with those Strings.

An better way to do that is POST these parameters through the message body, and not in the URL. And if available, use a SSL connection.

Improve this answer

11 Comments

Well I need to decrypt the data on the server side, thats for sure.
You has access to the Server Side implementation? If you do you can use the "own crypt" approach.
If he's not worried about the data being decrypted, why would he encrypt in the first place?
@Ranhiry Cooray : I don't know, this was his question.
@Marcos : That's considered security through obscurity, which is actually worse than no security in that it gives people a false sense of security.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.