Quote:
|
Originally Posted by Ed Hansberry
It is almost impossible to come back to your CC# from that number. See http://www.aspencrypt.com/crypto101_hash.html for more info. Bottom line is it would require more computing effort and time to extract your CC than it would be worth based on the credit limit of your CC... |
Yeah something like a MD5 Hashing Algorithm combined with random salt would probably use up Bill Gate's credit limit in electric alone. One-way for all intent and purposes is one-way and is so easy to implement that it would be a crime not to use. So "almost" is in reality is like saying "almost" over the horizon and so far we haven't seen anyone even come close to approching the horizon.
This is why when someone looses or forgets a password a new password has to be sent. There is no way to derive the password from the information on file. So while I've seen people get annoyed with a company not being able to send a forgotten or lost password we should be relieved that this type of information is not accessable even by the company who has it. So part of the bottom line should be that if somebody gets your credit card number it's probably an inside job.
Jeff-
Linear Mode
