PHP: Obfuscation And Deobfuscation Of Integer IDs To Enhance Security
This Blog has moved from Medium to blogs.tensult.com. All the latest content will be available there. Subscribe to our newsletter to stay updated.
Overview:
In software development, obfuscation is the deliberate act of creating a source or machine code that is difficult for humans to understand. Programmers may deliberately obfuscate code to conceal its purpose (security through obscurity) or it’s logic or implicit values embedded in it, primarily, to prevent tampering, deter reverse engineering, or even as a puzzle or recreational challenge for someone reading the source code.
However, in my Scenario Obfuscation is the procedure of converting the value into different value for security purpose(Securing value or ID from Others by converting the original value)
Deobfuscation is nothing but the reverse of Obfuscation. Deobfuscation is the procedure of converting the obfuscated value back to original value or ID
In this article, I’m going to explain about Obfuscation and Deobfuscation of Integer values or ID’s with unique security key.
The security key is the key which will play a major role in obfuscating and deobfuscating values. If you are obfuscated a value with a particular security key, then the same key has to be used for deobfuscating that obfuscated values.
The below PHP code converts the Integer ID into base36 obfuscated values with the given security key and deobfuscates the obfuscated value with the same security key.
Sample output:
Output 1:
Output 2:
In both output 1 and output 2, we are giving 11234 as input for ID. But in output 1 security key is 34 and in output 2 security key is 213. With the same ID and different secret keys, the obfuscated values also different.
Note:
- The ID and Secret Key must be an Integer.
- The secret key value can be positive or negative Integer(must be in the range of ‘-500’ to ‘500’ for more accurate obfuscation and deobfuscation in all scenarios).
Reference:
