I want to encrypt long paragraphs of text using Rijndael-256 (the text has been compressed and converted to base64 before this).
It is very unlikely for the two to be the same. But if they happen to be, would adding a random key to the start or end of the text secure it (regardless of whether they're the same), just in case users write the same text?
Also, how would people get this encrypted text? My website is secured against SQL injection, and the conversion is server-side – the user only sees what they have written as they A. write it, and B. read it later. Would someone have to hack onto the cPanel to see the text? But they they'd see the encryption code too? Or they could log on as the user by changing the hashed password and security settings and view the user's private documents... So is there any point in this type of security? What is worthwhile, and what is just "futile"? (You can mail me if you want to deter potential hackers. But I think they'd already know this...)
Thanks for reading. My question is: Is ECB safe if you won't get duplicate results?
I can't find enough information for CBC and HMAC, so how would you go about doing this? How would you know the IV when you want to duplicate it? (Wouldn't putting it in the database defeat the purpose?)
Sorry if I sound clueless. I've been programming since 2009 but still don't know things like this...
