Thread: Private Messaging - Encrypted?
View Single Post
  #7  
Old 02-21-2007, 02:32 PM
magnus's Avatar
magnus magnus is offline
 
Join Date: Apr 2002
Location: Miami, FL
Posts: 1,107
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
There has to be a password. Whether the password is chosen by the user or randomly assigned, there's still one there. Sure, one could be randomly determined from the datestring, username, etc.. or any combination. By predetermining the string, it would then need to be stored within the DB -- thus, in my opinion, rendering encryption useless. The only true way to keep it secure is to have the parties involved share the password/key/hash amongst themselves in advance.

I assume the whole point of this is so that you, the Admin (or anyone with access to the MySQL DB), cannot read a member's PM's. Correct?

* Edit --

One way for this to happen is the sender chooses a string of characters to base the encryption off of, then that string (or decryption key) is sent to the recipient via e-mail. That way the key is not stored in the DB, and the only parties with access to it are the sender and recipient(s).

In retrospect, if there's no secure method of sharing the key externally -- encryption would be overkill and a simple PHP encode(); would basically yield the same result, as you can then decode(); the text with no need for a key.

Of course, one would then need to determine the actual usefulness of such a modification -- as I can't see people sharing things requiring that level of security over a public medium such as a vBulletin forum.
Reply With Quote
 
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.01042 seconds
  • Memory Usage 1,763KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD_SHOWPOST
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)footer
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (6)option
  • (1)post_thanks_box
  • (1)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit_info
  • (1)postbit
  • (1)postbit_onlinestatus
  • (1)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open 
Phrase Groups Available:
  • global
  • postbit
  • reputationlevel
  • showthread
Included Files:
  • ./showpost.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showpost_start
  • bbcode_fetch_tags
  • bbcode_create
  • postbit_factory
  • showpost_post
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • showpost_complete