使用mcrypt或GnuPG存储信用卡详细信息 [英] Storing credit card details with mcrypt or GnuPG
问题描述
使用mcrypt与mcrypt_dev_random来生成init_vector需要不同的年龄加密/解密但似乎是最安全的选项。 mcrypt_dev_urandom更快,但不适合长期存储 - 正如我已经阅读。
看GnuPG作为一个可能的替代方案,并希望有一些意见/提出这些可能
如果您真的想要安全地存储信用卡信息,那么它有一个标准: 支付卡行业数据安全标准。与使用一种特定的加密算法相比, 更多地涉及到。 它需要您将部分卡的详细信息存储在两个物理上独立的机器上,等等。即使您遵守PCI标准,专家认为您仍然没有完全保密。任何不到这一点都不值得详细讨论,因为整体的安全级别太低,几乎没有什么不同。
I have a requirement to store credit card details (not storing is NOT an option).
Using mcrypt with mcrypt_dev_random to generate init_vector takes varying ages to encrypt/decrypt but seems is the most 'secure' option. mcrypt_dev_urandom MUCH quicker but not suitable for long term storage - as I have read.
Looking at GnuPG as a possible alternative and would like some opinions/heads up on these if possible.
If you really want to store credit card information securely, there's a standard for it: Payment Card Industry Data Security Standard. And it's a lot more involved than using one specific encryption algorithm. It requires you to store parts of the card details on two physically separate machines, among many other things. And even if you follow the PCI standard to the letter, experts argue you're still not entirely secured. Anything less than that is pretty much not worth discussing in detail, since the overall level of security is so low that it hardly makes a difference.
这篇关于使用mcrypt或GnuPG存储信用卡详细信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
