I believe in framing the question before jumping to the answer, so before I make a lot of assumptions, I'll just ask some basic questions:
- Are you transfering content that will be viewed in a web browser? Or is this content that will be used by some kind of back-end system at your client's location?
- What kind of relationship do you have with your clients? Do you have a speaking relationship, where you can discuss security matters, or an anonymous relationship, where you have to make assumptions and provide a very general solution?
- Do you trust your clients, or is there a community that can be trusted? Do you need to provide unique encrypt-decrypt information for each client?
- What does your data look like, big chunks of data, or many little pieces?
- How important is speed here? Do you need to generate information on the fly, or can information be 'pre-encrypted' for transmission at a later time?
- What level of inconvenience are your clients willing to tolerate? Where is the balance point between security and useability in your situation?
That's a lot of things to think about! If your clients are known and you have a business relationship with them, they will be more likely to allow you to install the encrypt/decrypt gateway software on their side. If you are dealing with multiple anonymous clients, you have to go with an encryption system that is available on multiple platforms and is easy to use.
True security is HARD so take some time to research the different systems available and define your needs as specifically as possible so you will know what the solution looks like when you find it :)
oakbox