On Mon, 28 May 2012 11:19:01 -0700, Phil Smith <a...@efghijk.lmn> wrote:
>
>Well, if the goal is to protect the data, then it needs to be
>cryptographically secure. "Security through obscurity" isn't security.
>
><plug>
>Voltage SecureData is an encryption platform that provides Format-Preserving
>Encryption, using a mode of AES (almost but not quite through the NIST
>approvals process-awaiting final comments only) that does what it sounds like:
>preserves the format of the input. So if you encrypt a 9-digit number, you get
>back a 9-digit number. If you encrypt "Peter Sylvester, 123 Main St", you get
>back Xxxxx Xxxxxxxxx, nnn Xxxx Xx", where the Xs and Ns are characters and
>digits, respectively. And there are lots more options.
> ...
></plug>
Can it deal with validity constraints such as the credit card check digit:
http://en.wikipedia.org/wiki/Luhn_algorithm
...? And I understand that some 9-digit keys eschew any values
that contain the sequence "666" as a courtesy to the client.
(Actually at the client's option, but suppose it were to be made a
rule.)
-- gil
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN
