Form data encryption

Report · Jun 04, 2008

I am currently developing a ColdFusion application on version 8. As fas as security as concerned, I am thinking of encrypting select form data before storing them into the database. A brief explanation would be as follows;

User SUBMIT form data -> CFINSERT, Encrypt() and store in database -> User requests data CFQUERY -> Decrypt() and CFOUTPUT

Algorithm used is AES and the key will be stored in the database when the user first registers to use the application.

Assuming a page hit of 1000 hits/minute (equally both submission and query page), will there be a trade-off between security and performance? Will this method be secure enough?

Do comment and give ideas. I am also searching for a developer partner.

Report · Jun 05, 2008

Your data is secure as long as you keep the key and saltIV private. Also consider, built in encryption technology provided my database vendors including MySQL.

I suggest you read the updated information on Encrypt and Decrypt function at CF8 Livedocs.

You say you're searching for a devloper partner, you may reach developers in mumbai by posting a message at http://in.groups.yahoo.com/group/cfexpress/

Adobe Community

Form data encryption