We are working on the use of the Xbase++ AES encryption for certain fields related to credit card data. I have been reading a lot about keys and salts and the addition of random info to data to improve the quality of the encrypted data, especially when the first 8 characters of the 16-digit credit card numbers can be the same for a lot of accounts.
PCI requirements are in play.
Questions:
1. What is the best way to handle keeping the key secret, given dual-person access rules? Some people have compiled it into their programs via a header file that is access controlled. Others have split the key and loaded it from different sources in real time. Some have hidden the key within other data.
What are suggestions that others have found to be reliable and pass PCI audit requirements?
2. Has anyone used the cryptoapi library from di-mgt.com.au, and does anyone have any wrappers for it? I thought I read something on the newsgroup regarding this tool and wrappers to the PKI version of the library but cannot find the information now.
3. di-mgt.com.au has a paper on "Encrypting credit card numbers in a database" that talks about using a fresh "IV" each time credit card information is saved or updated. Is this something that others generally use, and are there any suggestions on the best way to use it?
Thanks for any thoughts on this subject.
Cliff.
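The fresh IV per save asked about in question 3, sketched in Go with the standard library as an added example (not code from this thread, the di-mgt paper or Xbase++). Assumptions: AES-256-GCM as the mode, the `iv || ciphertext || tag` record layout, and the names `EncryptField`, `DecryptField`, `FreshIV` and `ReusedIV`; the key and card numbers are constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"io"
)

var FreshIV io.Reader = rand.Reader // IV source for real use: the OS CSPRNG

func ReusedIV() io.Reader { return bytes.NewReader(make([]byte, 12)) } // the mistake: one IV for all

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptField reads a 12-byte IV (unique, not secret) and returns iv || ciphertext || tag.
func EncryptField(key, plain []byte, ivSrc io.Reader) ([]byte, error) {
	iv := make([]byte, 12)
	_, ivErr := io.ReadFull(ivSrc, iv)
	gcm, err := newGCM(key)
	if err != nil || ivErr != nil {
		return nil, fmt.Errorf("encrypt: key error %v, IV error %v", err, ivErr)
	}
	return gcm.Seal(iv, iv, plain, nil), nil
}

// DecryptField reads the IV from the front of the record and verifies the tag.
func DecryptField(key, rec []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil || len(rec) < 12+gcm.Overhead() {
		return nil, fmt.Errorf("bad key or truncated record")
	}
	return gcm.Open(nil, rec[:12], rec[12:], nil)
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key, never a real key
	a, _ := EncryptField(key, []byte("4111111111111111"), ReusedIV()) // constructed numbers
	b, _ := EncryptField(key, []byte("4111111122222222"), ReusedIV())
	c, _ := EncryptField(key, []byte("4111111111111111"), FreshIV)
	fmt.Printf("%x\n%x\n%x\n", a[12:], b[12:], c[12:]) // a and b start with the same 8 bytes
}
```

With the reused IV, the two numbers that share their first 8 digits produce ciphertexts that share their first 8 bytes; with a fresh IV per save, even the same number never produces the same stored record twice.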
AES encryption and key storage
Re: AES encryption and key storage
Hi Cliff
Attached is a wrapper for CryptoSys; compile it with the ot4xb library of Pablo Botella.
http://www.cryptosys.net/pki/
- Attachments
- cryptosys.rar: wrapper pki (3.91 KiB)
Re: AES encryption and key storage
Thanks,
Could not find it.
Cliff
Re: AES encryption and key storage
- Attachments
- crypto.rar (592.23 KiB)