go ahead... be a heretic | |
PerlMonks |
Re^3: any alternative modules for asymmetric encryption besides Crypt::RSA?by sundialsvc4 (Abbot) |
on Jul 14, 2014 at 21:33 UTC ( [id://1093622]=note: print w/replies, xml ) | Need Help?? |
Thank you for this! Now, let me try to respond (given that all of this is IMHO ...) Well, lessee: Although the first response that you proferred refers to “transactions in the million level,” strongly implying that “transactions per second” is key, your second response reveals that you are dealing with “sensitive patient data.” And this revelatiion, I must say, entirely trumps the first. At the end of the day, no one will sue you, under US Federal Laws such as HIPAA, for any sort of deficiency in your algorithm’s performance. They might, however, sue you for shortcomings in your protection of the resulting data. Therefore, I suggest that you should engage in an online search of “HIPAA Best Practices”, treating all of them (of course!) as the greatest of Gospel. At the end of the day, and if worst should come to worst, no one will actually care whether you encrypted your data “efficiently” or not. They will only care whether or not an intruder could have managed to break it. If you can demonstrate that your solution, first, “was based upon an already-accepted library, such as OpenSSL,” and that it employed such library “in the strongest possible way,” and that the holistic key-management practices of the surrounding business organization also were Best Practices,™ then you (maybe ...) have a fighting chance. “Performance” is the least of your worries . . .
In Section
Seekers of Perl Wisdom
|
|