InnoDB?

Rick Langschultz rlangschultz at cox.net
Sat Oct 16 03:20:55 UTC 2004


Thank you for the reply. I understand the reasoning behind your
response. My company and I were thinking about storing the numbers
permanently but I guess that will not be a good idea. There is a
firewall being deployed also. However, I do see the point.

-----Original Message-----
From: mos [mailto:mos99 at fastmail.fm] 
Sent: Friday, October 15, 2004 10:19 PM
To: mysql at lists.mysql.com
Subject: Re: InnoDB?

At 09:45 PM 10/15/2004, you wrote:
>Can I safely store multiple customer credit card numbers in a table that
>is InnoDB, if I use an Encrypt() to encrypt the number and then decrypt
>the number? The site will have a shared SSL cert on it. Please give me
>tips.

No. The Encrypt function is too weak. AES_Encrypt/AES_Decrypt or
DES_Encrypt/DES_Decrypt are stronger. However I would strongly recommend
that credit card numbers not be permanently stored in the table. SQL
commands can appear in a log file, complete with the password. So if
someone gets the log file, he can crack your credit cards quite easily.
The alternative would be to use an encryption algorithm native to a
programming language like PHP or C++ etc., so there would be no record of
it in any log file. You encrypt/decrypt after you have retrieved the data
from the table. But this isn't foolproof either because the password will
have to be entered manually when the application runs, which may rule this
method out if it is a webserver.

The best way is not to store the credit card number at all, but store the
hash instead. Use something like MD5 to create a checksum of the credit
card number and store that. You could then use it to determine if the
credit card had been previously used, but there is no (easy) way to
retrieve the original credit card number.

Mike 


-- 
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:
http://lists.mysql.com/mysql?unsub=rlangschultz@cox.net
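The two points Mike makes above (a key passed to AES_ENCRYPT() inside the statement ends up in the server's query log alongside the card number, and a stored hash lets you detect a repeat card without keeping the number) are easy to see side by side in code. The block below is an added example written for this archive page, not code from either poster; the customer id, card numbers, key and SQL text are constructed, and it assumes the MySQL general/query log is recording statement text as sent. It builds the SQL text each approach would send (so you can check what a log would contain) and implements the fingerprint idea with the thread's MD5 plus a keyed HMAC variant, which is an assumption of mine: a plain hash of a 16-digit number with a Luhn check digit is cheap to brute-force, a keyed one is not without the key.

```python
"""Card-number handling sketch: log exposure vs. hashed fingerprints.

Added example for the mailing-list thread above; all data is constructed.
"""
import hashlib
import hmac
import re


def normalize_pan(pan: str) -> str:
    """Strip spaces and dashes so the same card always hashes the same way."""
    digits = re.sub(r"[\s-]", "", pan)
    if not digits.isdigit() or not 12 <= len(digits) <= 19:
        raise ValueError("not a card number")
    return digits


def luhn_ok(pan: str) -> bool:
    """Luhn checksum: catches a mistyped number before a useless hash is stored."""
    digits = [int(c) for c in normalize_pan(pan)]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def fingerprint_md5(pan: str) -> str:
    """Unkeyed MD5 of the normalized PAN, the scheme suggested in the thread."""
    return hashlib.md5(normalize_pan(pan).encode()).hexdigest()


def fingerprint_hmac(pan: str, key: bytes) -> str:
    """Keyed variant (assumed here, not from the thread): same reuse check,
    but a leaked table cannot be brute-forced over the small PAN space
    without the key."""
    return hmac.new(key, normalize_pan(pan).encode(), hashlib.sha256).hexdigest()


def server_side_insert_sql(customer_id: int, pan: str, key: str) -> str:
    """Statement text the MySQL server receives (and can log) when the
    key is handed to AES_ENCRYPT() inside the query: key and PAN both
    travel in the clear inside the statement."""
    return (f"INSERT INTO cards (customer_id, pan_enc) VALUES "
            f"({customer_id}, AES_ENCRYPT('{normalize_pan(pan)}', '{key}'))")


def app_side_insert_sql(customer_id: int, ciphertext: bytes) -> str:
    """Statement text when encryption happened in the application first:
    only ciphertext reaches the server, so neither key nor PAN is logged."""
    return (f"INSERT INTO cards (customer_id, pan_enc) VALUES "
            f"({customer_id}, X'{ciphertext.hex()}')")


def statement_leaks(stmt: str, *secrets: str) -> bool:
    """True if any secret string appears verbatim in the statement text."""
    return any(s in stmt for s in secrets)


class CardRegistry:
    """Keeps only fingerprints: can answer 'seen before?' but never
    'what was the number?'."""

    def __init__(self, key: bytes):
        self._key = key
        self._seen = set()

    def record(self, pan: str) -> bool:
        """Record the card; return True if it had been recorded before."""
        fp = fingerprint_hmac(pan, self._key)
        already = fp in self._seen
        self._seen.add(fp)
        return already


if __name__ == "__main__":
    key = "s3cret"                       # constructed key
    pan = "4111 1111 1111 1111"          # constructed test number
    print("luhn ok:", luhn_ok(pan))
    print("server-side statement leaks key:",
          statement_leaks(server_side_insert_sql(7, pan, key), key))
    print("app-side statement leaks key:",
          statement_leaks(app_side_insert_sql(7, b"\x00\x01"), key))
    reg = CardRegistry(b"hmac-key")
    print("first use repeat?", reg.record(pan), "second use repeat?", reg.record(pan))
```

Run it as-is and the server-side statement is the one that contains both the key and the card number, which is exactly what would land in a general query log; the application-side statement carries only hex ciphertext, and the registry answers the reuse question from fingerprints alone.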
