Re: Salting with hash data


If my (limited) understanding is correct HMAC would also need to fit
into key management schemes to protect the key (which is something
I'd prefer to avoid if possible). Is this correct?

Yes, you have to protect the key. Yes, it is difficult, especially in
an online system. These are credit card numbers you're talking about?
How many are there? How often do you have to check whether one is in
the log?


Yes, this is card number data being protected.

There would be around 50-100k log entries monthly, and 6 months of
historical logs kept. On an average month there would be a dozen or so
queries on the data which are mainly used for debugging or analysis.

.

Relevant Pages

  • Re: Last nights Panorama - totally one-sided
    ... appointment at a local state ... clinic to have my mouth swabbed out by some apparatchik of the ... You need a credit card, Oyster card, driving licence, security ... protect your fellow passengers. ...
    (uk.politics.misc)
  • Re: Help with selling
    ... That wouldn't protect you from people who use a stolen credit card, ... credit card, or from people who are using funds that came from someone ... who got paid with a stolen credit card, ... your prices. ...
    (uk.people.consumers.ebay)
  • Re: Consumer Credit Act section 75
    ... protect consumers using a credit card, that was merely a side effect. ... It's main purpose was to protect people making hire purchase ... decision to pay the supplier in cash. ...
    (uk.legal)
  • Re: I hope nobody is waiting for a Plasma from Tiny?
    ... >> law was made to protect the public when a company goes under, ... > If people pay by credit card, and most of them will have, they will be okay. ...
    (uk.tech.digital-tv)
  • instant disposable VISA number!
    ... Protect your main credit card and bank account from questionable merchants. ...
    (sci.med.pharmacy)