Code Forums - View Single Post

teknomage1 · 02-14-2005, 11:29 PM

Why not have a temporary key that's randomly generated either from /dev/random or the current time in microseconds, and send the temp key plus the encrypted cc# in two seperate messages to the storage server where it's decrypted then recrypted with a proper key. That way the malicious attacker would have to intercept the cc# as it was entered to actually get at the info.

02-14-2005, 11:29 PM	#9 (permalink)
teknomage1 Jack of all trades Join Date: Feb 2005 Location: Los Angeles Posts: 598	Why not have a temporary key that's randomly generated either from /dev/random or the current time in microseconds, and send the temp key plus the encrypted cc# in two seperate messages to the storage server where it's decrypted then recrypted with a proper key. That way the malicious attacker would have to intercept the cc# as it was entered to actually get at the info.