Hi,
I need someone to design the security of my app. Basically it asks users to log on and information is then sent to the server(it needs to be encrypted). Then, if the login is successful a second password is sent from the server to the app. This second pass must be made dynamic, I will send you some information from the users PC and you should use this information to encrypt this pass(perhaps use the info i send + the users password as a key?) then send it in its encrypted form.
After this some more info is also sent from the server to the app. But it is not as sensitive.
You will have to design a key based encryption/decryption class in both php and c++. They should work interchangably so if i encrypt with the c++ class, the php class should be able to decrypt it.
I also dont want to keep the php encryption/decryption class on the same server as my login file, is it possible to put it on a different server then POST messages to it to get encrypted/decrypted strings?
Thanks!