Secure hashing of PAN requires salt standard
In Mike Dahn’s PCI Answers blog, a post was made over the break about the Secure hashing of PANs As this blogger has said on many occasions before, hashing is a double edged sword. Theoretically, you could create a hash that is as secure as a CipherText from an encryption algorithm. If you used a 10 kilobit salt (effectively the Key) plus the PAN, you would have something quite secure and would not run into issues with collisions. The problem is that you cannot change your keys without retaining the original PAN. If you did change your key, new hashes of the same PAN would not match old hashes. Perhaps the biggest issue, people treat hashes differently then they do ...
Continue Reading