Posted by Robert G Laurin on February 19, 2010 at 13:36:24:
In Reply to: Comet and Crypto posted by Jim Guerber on February 19, 2010 at 13:07:58:
Not sure your syntax is ideal..
Since it is a compiler thing, wouldn't you rather have specific commands for specific encryption? Number of parameters varies.
AESEncrypt(Str, Key) AESDecrypt(Str, Key) for AES_Encryption (currently considered secure, encryption level varies based on length of key 128/256)
DESEncrypt(Str, Key) DESDecrypt(Str, Key) for DES_Encryption
MD5(str) for one-way hash (security has been broken for 2+ years)
SHA1(str) for one-way hase (more secure, see RFC 3174)
I personally use AES_Encrypt and SHA1 with the help a MySQL server, but it is not considered secure because un-encrypted information travels on the local network. I am experimenting with SSL VPN over a private LAN, it's a real pain.
What can someone do to get the PCI Compliance.
Each file can be a maximum of 1MB in length Uploaded files will be purged from the server on a regular basis.