[boulder.pm] RFC on encryption approach

Walter Pienciak walter at frii.com
Tue Jan 16 14:29:44 CST 2001


I'm looking for feedback/ideas on the following problem:

I'm building an external web app that
   1) takes in some sensitive data (e.g., credit card number)
   2) may NOT use any realtime processing of that data
   3) talks to a machine, inside a firewall, requiring that data.

Some of the time, I have to assume, that network connection will
be down.  So the data needs to be stored on the outside machine
until the connection can be made and the data pulled in.

Obviously, this means encryption.

I'd prefer to use something simple but strong like Crypt::Blowfish,
but it is based on a shared secret:  process A on the outside server
uses $key to encrypt the data and process B on the inside machine
uses $key to decrypt it.

The "issue" is that if the outside server was hacked, $key could
be used to decrypt the data (if it was still on the machine).

Am I being totally paranoid, pedantic, and this worry is complete
overkill?  Or ought I to look at the PGP/GPG approach, and
the outside server has the "public key", while only the inside machine,
which would pull the data, would have the "private key"?

Walter
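
The PGP/GPG arrangement asked about above, as an added example that is not part of the original post: the outside server's keyring holds only the public key, so it can queue records but cannot read its own spool. It assumes GnuPG 2.1 or later; the key identity, paths and card number are constructed for the demonstration.

```sh
# Added example: throwaway keyrings and a constructed record, nothing real.
WORK=$(mktemp -d)
INSIDE="$WORK/inside"      # keyring on the machine behind the firewall
OUTSIDE="$WORK/outside"    # keyring on the exposed web server
RCPT="queue@inside.example"   # hypothetical key identity

cleanup() {
    gpgconf --homedir "$INSIDE" --kill gpg-agent 2>/dev/null || true
    gpgconf --homedir "$OUTSIDE" --kill gpg-agent 2>/dev/null || true
    rm -rf "$WORK"
}
trap cleanup EXIT

setup_keys() {
    mkdir -m 700 "$INSIDE" "$OUTSIDE"
    # The pair is generated inside; only the public half is exported.
    gpg --homedir "$INSIDE" --batch --quiet --pinentry-mode loopback \
        --passphrase '' --quick-generate-key "$RCPT" default default never
    gpg --homedir "$INSIDE" --batch --quiet --armor --export "$RCPT" \
        | gpg --homedir "$OUTSIDE" --batch --quiet --import
}

# Outside web app: encrypt one record (stdin) into the spool file $1.
queue_record() {
    gpg --homedir "$OUTSIDE" --batch --quiet --trust-model always \
        --recipient "$RCPT" --output "$1" --encrypt
}

# Attempt decryption of $1 with the keyring in $2; plaintext on stdout.
read_record() {
    gpg --homedir "$2" --batch --quiet --pinentry-mode loopback \
        --passphrase '' --decrypt "$1" 2>/dev/null
}

setup_keys
SPOOL="$WORK/order-0001.gpg"
# Constructed record using a well-known test card number.
printf 'card=4111111111111111 exp=01/03\n' | queue_record "$SPOOL"

if read_record "$SPOOL" "$OUTSIDE" >/dev/null; then
    echo "outside server could decrypt (unexpected)"
else
    echo "outside server cannot decrypt its own spool"
fi
echo "inside machine reads: $(read_record "$SPOOL" "$INSIDE")"
```

The plaintext still passes through the outside server's memory at submission time, so this protects records at rest in the spool, not a process that is already compromised while taking input.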



