Timoh has published a data encryption cheatsheet on his blog today. It's "a short guide" to help you prevent some of the more common encryption-related problems in your application, specifically around symmetric data encryption.
This cheatsheet assumes a “client-server” situation, which is probably a typical case with PHP applications. Naturally the recommendations given here are not the “only possible way” to handle data encryption in PHP, but this cheatsheet aims to be straightforward and tries to leave less room for mistakes and (possibly confusing) choices.
The cheatsheet includes information on topics like:
- Encryption algorithm / mode of operation / nonce (initializing vector)
- Encryption and authentication keys
- Key stretching
- Key storage and management
- Data compression
It's jam-packed with great information, so definitely check it out if you're doing any kind of encryption in PHP.