Monty, is this like a product you're selling? I would like more information,
although I haven't gotten to this yet in my security sweep.
On Wednesday 21 November 2001 06:27 am, Michael Widenius wrote:
> Hi!
>
> >>>>> "Ken" == Ken Kinder <[EMAIL PROTECTED]> writes:
>
> <cut>
>
> Ken> I would like to know if anyone has some advice on encrypting credit
> cards Ken> myself, as it's something I'm going to be needing to look into
> for my own Ken> purposes.
>
> We are working on a solution to this which will be available in about
> 3 weeks. Some of the features of this are:
>
> - We will use a strong encryption function: (des_encrypt()/des_decrypt())
> - The credit cards will be crypted in the data files. Just getting
> access to the data files will not make it possible to decrypt the
> credit cards.
> - The 'salt' used for encryption can either be stored in a file on the
> server (as a default value for the des_xxx() functions) or specified
> in the SQL statement.
> This enables a customers to do search in the customer database for
> his entry based on his credit card number without having to know the
> 'salt'
>
> SELECT * from customer_database WHERE
> credit_card=des_encrypt("his-used-credit-card");
>
> - To decrypt things, the MySQL user need to have certain privileges
> (for using the default key) or specify the used 'salt' to des_decrypt()
>
> We will write a full documentation for this as soon we got this
> implemented.
>
> Regards,
> Monty
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
