LISTSERV - HP3000-L Archives

HP3000-L Archives

July 2007, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L July 2007, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Data Encryption on TurboImage/MPE
From:	Mark Klein <[log in to unmask]>
Reply To:	Mark Klein <[log in to unmask]>
Date:	Sat, 14 Jul 2007 15:38:18 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (31 lines)

On Sat, 14 Jul 2007 07:22:39 -0700, Larry Page <[log in to unmask]> wrote:

>Yes, we are trying to achieve PCI compliance, hence the requirement at 
>a data level.

So, you have a couple of options here, depending on whether you need to
know the PAN after the transaction has completed, or if you just use the
PAN for later authentication or identification of the user. The latter is as 
simple as creating a secure hash of the PAN for storage. The former means 
you do need to encrypt minimally the PAN but should encrypt additional
information as well.

In either case, most of these algorithms are block ciphers, working on
groupings of 128 bits at a time. If you have less than 128 bits of data
to encrypt, you still need to allocate 128 bits (16 bytes) of data for
each block, even if the source data is less than 128 bits. Further, if
less, you need to be very careful about how you create the remaining
bits to fill the block to 128 bits. Finding a good source of entropy
on the HP3000 is difficult. 

Are you able to redesign your database tables accordingly?

Regards,

M.

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2

RAVEN.UTC.EDU