Thank you for the reply. I understand the reasoning behind your response. My company and I were thinking about storing the numbers permanently but I guess that will not be a good idea. There is a firewall being deployed also. However, I do see the point.

-----Original Message-----
From: mos [mailto:mos99@xxxxxxxxxxx]
Sent: Friday, October 15, 2004 10:19 PM
To: mysql@xxxxxxxxxxxxxxx
Subject: Re: InnoDB?

At 09:45 PM 10/15/2004, you wrote:
>Can I safely store multiple customer credit card numbers in a table that
>is InnoDB, if I use an Encrypt() to encrypt the number and then decrypt
>the number? The site will have a shared SSL cert on it. Please give me
>tips.

No. The Encrypt function is too weak. AES_Encrypt/AES_Decrypt or DES_Encrypt/DES_Decrypt are stronger. However I would strongly recommend that credit card numbers not be permanently stored in the table. SQL commands can appear in a log file, complete with the password. So if someone gets the log file, he can get to crack your credit cards quite easily.

The alternative would be to use an encryption algorithm native to a programming language like PHP or C++ etc., so there would be no record of it in any log file. You encrypt/decrypt after you have retrieved the data from the table. But this isn't foolproof either because the password will have to be entered manually when the application runs, which may rule this method out if it is a webserver.

The best way is not to store the credit card number at all, but store the hash instead. Use something like MD5 to create a checksum of the credit card number and store that. You could then use it to determine if the credit card had been previously used, but there is no (easy) way to retrieve the original credit card number.

Mike

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql?unsub=rlangschultz@xxxxxxx
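
The approach at the end of Mike's reply (keep only a digest, computed in the application so that neither the card number nor a key ever appears in a SQL statement), as an added example that is not part of the original thread. It swaps the MD5 he mentions for HMAC-SHA-256 with an application-held key, because an unkeyed digest of a card number can be enumerated offline. In-memory SQLite stands in for the MySQL table, and the table name, key and card number are constructed.

```python
import hashlib
import hmac
import sqlite3

# Constructed values: a well-known test card number and a placeholder key.
# A real key is loaded from outside the database and never written to its logs.
SAMPLE_PAN = "4111 1111 1111 1111"
APP_KEY = b"constructed-demo-key-not-for-production"

def normalize(pan: str) -> str:
    """Drop spaces and dashes so the same card always yields the same digest."""
    digits = pan.replace(" ", "").replace("-", "")
    if not (digits.isascii() and digits.isdigit() and 12 <= len(digits) <= 19):
        raise ValueError("not a card number")
    return digits

def fingerprint(pan: str, key: bytes = APP_KEY) -> str:
    """Keyed digest computed in the application; only this value reaches SQL."""
    return hmac.new(key, normalize(pan).encode(), hashlib.sha256).hexdigest()

def open_db(statement_log: list) -> sqlite3.Connection:
    """Open the stand-in database and record every statement it executes."""
    db = sqlite3.connect(":memory:")
    db.set_trace_callback(statement_log.append)
    db.execute("CREATE TABLE card_seen (fp TEXT PRIMARY KEY)")
    return db

def record_card(db: sqlite3.Connection, pan: str) -> bool:
    """Return True if this card was already recorded, otherwise store it."""
    fp = fingerprint(pan)
    seen = db.execute("SELECT 1 FROM card_seen WHERE fp = ?", (fp,)).fetchone()
    if seen is None:
        db.execute("INSERT INTO card_seen (fp) VALUES (?)", (fp,))
    return seen is not None

def demo():
    """Record the same card twice, then check the statement log for leaks."""
    log = []
    db = open_db(log)
    first = record_card(db, SAMPLE_PAN)
    second = record_card(db, "4111-1111-1111-1111")  # same card, other format
    leaked = any("4111111111111111" in s or APP_KEY.decode() in s for s in log)
    return first, second, leaked

if __name__ == "__main__":
    print(demo())  # (False, True, False)
```

The statement log collected by `open_db` plays the role of the server-side query log: it contains the digest but neither the card number nor the key.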