Re: Salting with hash data



Paul Rubin <http> wrote on 28.02.2008:
> HappyCat <noemail> writes:
>> There would be around 50-100k log entries monthly, and 6 months of
>> historical logs kept. On an average month there would be a dozen or so
>> queries on the data which are mainly used for debugging or analysis.
>
> If these queries don't need quick online responses, encrypt the hashes
> in the log with a public key, for which the private key is on a
> separate computer locked in a safe. Do the analysis on the separate
> computer and never connect the separate computer to the internet.

Presumably there should be some random data tacked onto each card
number before it is encrypted, otherwise this will offer little
protection against brute force guessing.

--
Ilmari Karonen
To reply by e-mail, please replace ".invalid" with ".net" in address.
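
The point made in the reply above, as an added example that is not part of the original thread: with deterministic public-key encryption, anyone holding the public key can re-encrypt candidate card numbers and compare them to a log entry, while random bits tacked on before encryption make that comparison fail. Assumptions: a toy RSA key and unpadded RSA chosen only to keep the example in the standard library (a real system would use a standard randomized padding such as RSA-OAEP), 16-digit card numbers, a constructed test card number, and hypothetical function names.

```python
import secrets
from typing import Iterable, Optional

# Toy RSA key built from two Mersenne primes (assumption, illustration only).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, lives on the offline machine
SALT_BITS = 128

def encrypt_plain(card: str) -> int:
    """Deterministic: the same card number always gives the same ciphertext."""
    return pow(int(card), E, N)

def encrypt_salted(card: str) -> int:
    """Tack 128 random bits onto the card number before encrypting."""
    salt = secrets.randbits(SALT_BITS)
    return pow((int(card) << SALT_BITS) | salt, E, N)

def decrypt_salted(ciphertext: int) -> str:
    """Offline side: decrypt, then discard the random bits."""
    return str(pow(ciphertext, D, N) >> SALT_BITS).zfill(16)

def guessable(ciphertext: int, candidates: Iterable[str]) -> Optional[str]:
    """Audit check: can a log entry be matched using only the public key,
    by encrypting candidate numbers? Returns the match, or None."""
    for cand in candidates:
        if encrypt_plain(cand) == ciphertext:
            return cand
    return None

if __name__ == "__main__":
    card = "4111111111111111"  # constructed test value
    # Constructed candidate space: first 12 digits known, last 4 unknown.
    cands = [card[:12] + f"{i:04d}" for i in range(10000)]
    print("unsalted entry matched:", guessable(encrypt_plain(card), cands))
    print("salted entry matched:  ", guessable(encrypt_salted(card), cands))
    print("offline decrypt:       ", decrypt_salted(encrypt_salted(card)))
```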