m




Y Refers to the process of transforming electronic
information.
Y Credit card encryption is important in the business
world .
Y Credit card encryption is used to scramble
sensitive information that is stored on business
computer networks.
Y Credit card Encryption comes from the
science of cryptography.
Y Some business owners make the mistake
.
Y The most popular use of encryption is in
electronic commerce.
Y Credit card data is transmitted safely to
the merchant.
Y There are two main types of data encryption
systems.
Y The first²which is variously known as private key,
single key, secret key, or symmetric encryption.
Y The second, and more commonly used, type of
data encryption system is known as a public key
system.
Y The best-known data encryption program is called
RSA.
Y RSA scrambles data based on the product of two
prime numbers.
Y A number of other data encryption programs enjoy
wide use as well.
Y Encoding credit cards is required to make them
function correctly.
Y A credit card works with a magnetic stripe .
Y Credit cards are encoded based on three different
tracks.
Y Each of these tracks has different standards and
data encoding.
Y The first track on the magnetic strip.
Y Encoded at 210 bits per inch.
Y Uses a 6-bit encryption with 64 different
alphanumeric characters.
Y The second track on the magnetic strip is encoded
at 75 bits per inch, using 4-bit encryption to code
10 digits.
Y The third track on the magnetic strip is encoded at
210 bits per inch, the same way the first track on
the magnetic strip is encoded.
Y Knowing how the credit card is encoded will help
you understand how it works when it is used.
When an ATM eats a card.
 m

Y Simple database table of clients with their credit
card numbers.
 m

Y ¦atabase systems like Microsoft Access have an
option to format a particular field in "password
mode³
 m

Y Use a symmetric encryption algorithm like AES or
Triple ¦ES.
Y Using Triple ¦ES (a.k.a. 3¦ES or T¦EA) with the
192-bit key
000102030405060708090A0B0C0¦0E0F10111213
14151617
Y First encryption operation in ECB mode is:
Y PT="1234-5678-9789-0124"
Y PT(hex)
=313233342¦353637382¦393738392¦30313234
Y PT(padded)=313233342¦353637382¦393738392¦30
3132340505050505
Y CT(hex)
=0B¦C16E6A777C535C49F67688C6¦4E21¦3F3608
8C206C85A
 m

Y The best modes to use when encrypting are either
Ô

Ô   (Ô Ô) or Ô mode
(Ô
).
Y Adding a new field to our database, ÿ

m

Y Split this into two parts, where the first 8 bytes is
the IV.
Y IV=18¦F733256¦44E32
Y CT=2874919B17EFE¦FCCC0206723C26A00308
7¦10A271449323
Y Then use the IV together with the secret key to
decrypt the cipher text and obtain
Y PT=313233342¦353637312¦393938382¦373736
360505050505
Y Ñeed to strip off the padding, in this case, five
bytes each of value 0x05 (this also provides a
convenient check that the decryption was correct)
313233342¦353637312¦393938382¦37373636
Y And then decode this from hex format into a string
1234-5671-9988-7766
Y m

 
Y Repeat method 5 but use the AES-128 block
cipher algorithm in counter (CTR) mode. Use the
128-bit key

000102030405060708090A0B0C0¦0E0F
u
 
  
  
 


Y To encrypt the first record,
Y KEY=000102030405060708090A0B0C0¦0E0F
Y IV =7A¦3C3BF888C9E88AA5F44773FAEB42E
Y PT="1234-5678-9789-0124"
Y PT(hex)
=313233342¦353637382¦393738392¦30313234
Y CT(hex)
=612B4B355C9874F920AC346B¦0F8C5C76141
65
AES
Y AES encryption is used to, securely stream
information continuously across an unsecured
Internet connection.
Y Encrypt data on a hard drive or device to stop
hackers using Internet based tools to read
information on the drive, or to stop thieves of
notebooks reading the contents of the drive.
Y If a super-computer could break the ¦ES code in
one second, it would take the same
supercomputer 149 trillion years to decode a 128-
bit AES key .
Y AES is a small, fast, hard to crack encryption.
Y 128 bit AES offers a total of 3.4 x 10^38 individual
keys.
Y AES has three approved key length: 128 bits, 192
bits, and 256 bits.
Y The four rounds are called :
Y SubBytes.
Y ShiftRows.
Y MixColumns.
Y AddRoundKey.
Y Always encrypt sensitive data like credit card
numbers.
Y Use a recognized block cipher algorithm like Triple
¦ES or AES-128.
Y Use CBC or CTR mode, never ECB.
Y Generate a fresh random IV   you save a
new credit card number or edit an existing one.