I need to transfer data from a PHP script on my local server to a remote API (also written in PHP) on my hosting server. It is basically a primitive version control system, and I use both HTTP GET and HTTP POST to transfer files and strings.
I would like the connection encrypted, but my (shared) web host tells me I can't use SSL because I can't get a dedicated IP address--and even if I could, I don't want to spend any more money on it.
My question is: Is there a better way to do this?
Some possibilities I have considered are using the mcrypt extension in PHP to encrypt data at one end and decrypt at the other.
I also thought of TLS, which--as I understand--can be used to create a secure connection without certificates?
EDIT: Please see this question as a follow up regarding OpenPGP, GnuPG and transfer using MIME.
What is the problem with just using a simple symmetric encryption (for example with the help of mcrypt) or something with a public/private key if you really need the signing and all? Another possible solution could be to use installed system tools and put all your files in a password protected zip file. (php function call "system()")