I was expecting an answer like: "put encrypt() in your setter method and
decrypt() in your getter"... heh. Or better yet, a link to a function on
cflib... looks like this is going to be a big one.

Baz



-----Original Message-----
From: Dave Watts [mailto:[EMAIL PROTECTED] 
Sent: Thursday, January 12, 2006 5:59 PM
To: CF-Talk
Subject: RE: Encrypt CC number and store in DB

> What's the best way to encrypt a CC number and store it in DB?

The "best way" is really a business question - what's the best way for one
company may not be best for another. My answers below emphasize security
above convenience, but that might not be the choice you want to make.

Ideally, it's best not to store it at all.

If you must store it, you shouldn't allow the same application to encrypt
and decrypt the number. For example, using PKI you could have your ecommerce
application encrypt the number, and a private internal application on a
separate machine could then decrypt it.

Choosing an algorithm is much less important than figuring out how you'll
manage keys. It doesn't matter how strong your encryption algorithm is, if
an attacker can get all the keys from one place. This is the big problem
with symmetric encryption, of course.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/

Fig Leaf Software provides the highest caliber vendor-authorized
instruction at our training centers in Washington DC, Atlanta,
Chicago, Baltimore, Northern Virginia, or on-site at your location.
Visit http://training.figleaf.com/ for more information!
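
The split described in the message above (the ecommerce application encrypts, a separate internal application decrypts), as an added example that is not part of the original thread. It assumes the Python `cryptography` package and RSA-OAEP as the public-key scheme, since the post names no algorithm; the class names and the test card number are hypothetical.

```python
# Added example: asymmetric split between a web tier and an internal tier.
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa

# RSA-OAEP is randomized, so equal card numbers yield different ciphertexts.
OAEP = padding.OAEP(
    mgf=padding.MGF1(algorithm=hashes.SHA256()),
    algorithm=hashes.SHA256(),
    label=None,
)


class InternalBillingApp:
    """Hypothetical internal application: the only holder of the private key."""

    def __init__(self):
        self._private_key = rsa.generate_private_key(
            public_exponent=65537, key_size=2048
        )

    def public_key_pem(self) -> bytes:
        # Only this PEM is ever copied to the web server.
        return self._private_key.public_key().public_bytes(
            serialization.Encoding.PEM,
            serialization.PublicFormat.SubjectPublicKeyInfo,
        )

    def decrypt_card(self, ciphertext: bytes) -> str:
        return self._private_key.decrypt(ciphertext, OAEP).decode("ascii")


class EcommerceApp:
    """Hypothetical public-facing application: can encrypt, cannot decrypt."""

    def __init__(self, public_key_pem: bytes):
        self._public_key = serialization.load_pem_public_key(public_key_pem)

    def encrypt_card(self, card_number: str) -> bytes:
        # The returned bytes are what gets written to the database column.
        return self._public_key.encrypt(card_number.encode("ascii"), OAEP)

    def can_decrypt(self) -> bool:
        # A public key object exposes no decrypt operation at all.
        return hasattr(self._public_key, "decrypt")


TEST_CARD = "4111111111111111"  # constructed sample: a widely used test number
```

Someone who takes over the web server and the database holds only the public key and ciphertext; the key-management question the message raises becomes how the internal machine protects its private key.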



