is there an effective way to encrypt data from the user?
What I'm trying to do is to get ruby to send some information to a
server, however I'd rather that it was secured somehow, to prevent the
user from tampering with it. is that possible due ruby being a
interpreted language?
Hi Phil,
When you say you want to prevent tampering with the data, do you mean:
* you want to prevent the user from seeing the raw data being sent, or
* you want to prevent the user simply from altering the data being sent?
If you just want to prevent altering and don't care about seeing, you
could use a checksum, like an MD5, SHA1, SHA2, etc., all of which are
available in the 'digest' standard library. Specifically, you can do
is an append a secret "key" to the end of your data and perform one of
the checksums. You send your unencrypted data along with the checksum
to the server. The server can verify that the data has not been
altered by appending the same secret "key" to the data, performing the
checksum, and comparing the result to the checksum sent.
You haven't said much about the context, so it's hard to know whether
this solution would meet your needs or not. Are you trying to prevent
casual tampering or really trying to create a bullet-proof solution?
All of these issues need to be considered when evaluating a solution.
Best,
Eric
===
LearnRuby.com offers Rails & Ruby HANDS-ON public & ON-SITE workshops.
Ready for Rails Ruby Workshop June 23-24 Ann Arbor, Mich.
Ruby on Rails Workshop June 25-27 Ann Arbor, Mich.
Ruby Plus Rails Combo Workshop June 23-27 Ann Arbor, Mich.
Please visit
http://LearnRuby.com for all the details.
