Alternate to MCrypt?

MarkB423

I was curious if anybody knew of any encryption/decryption algorithms that could be used in place of MCrypt? I plan on using these methods to encrypt credit card data and installing a port of MCrypt on my host's Windows servers seems to be a problem.

planetsim

With that it can be decrypted i remember seeing mdecrypt. I was gonna use that.

md5(); is good

although it cant be decypted but whats the point in it being decrypted if you have just encrypted it

MarkB423

I need to encrypt the credit card number to store it in a database, then decrypt it when an order is to be processed. I need something like a set of PHP functions similar to MCrypt that I can easily use on any type of platform.

planetsim

dont encrypt it then
I dont think theres any other function
But to tell you the truth. If it can be decypted so easily whats the point. A Hacker will be smarter than you. And quickly pounce on that.

MarkB423

I disagree. What if a hacker gains access to a MySQL database (or all of them) and sees a giant list of unencrypted credit card numbers? A single login/password combo can gain access to many databases in MySQL. If the hacker didn't get FTP access, then they cannot decode the numbers. (In case you are not familiar, not only do you choose an algorithm to encode with, but you add your own "key" that the algorithm uses to to encode and decode data--without this key, data cannot be decoded.)

planetsim

What you dont know, is. If a hacker gets into your account for web hosting is.

They can easily go through your files quickly and see how you encrypted that data.

md5() doesnt have a key so its harder to decrypt
as mycrypt does

Its only a matter of time before its cracked

MarkB423

Originally posted by MarkB423
If the hacker didn't get FTP access, then they cannot decode the numbers.

The hacker does not need to have FTP access to have MySQL access. Naturally, if the hacker gets FTP access, they can easily get MySQL access--but not the other way around.