1 Reply Latest reply on Jun 5, 2008 1:21 AM by samunplugged

    Form data encryption

      I am currently developing a ColdFusion application on version 8. As fas as security as concerned, I am thinking of encrypting select form data before storing them into the database. A brief explanation would be as follows;

      User SUBMIT form data -> CFINSERT, Encrypt() and store in database -> User requests data CFQUERY -> Decrypt() and CFOUTPUT

      Algorithm used is AES and the key will be stored in the database when the user first registers to use the application.

      Assuming a page hit of 1000 hits/minute (equally both submission and query page), will there be a trade-off between security and performance? Will this method be secure enough?

      Do comment and give ideas. I am also searching for a developer partner.