Any thoughts on common/best practice for account number obfuscation ?
I've looked at classical character substitution/transposition algorithms, XOR (Base64) based approaches, TDES public/private key and one-way MD5 message digest approach as well......
I have account numbers - alphanumeric - that I would like to obfuscate (ideally one-way).
My only requirements -- are that the:
* cipher text is the same number of characters as the "plain text" (i.e. MD5 too long, transposition might work but I'm not sure about uniqueness)
* cipher text remains alphanumeric -- no =!@#$%& etc. symbolics introduced into the cipher (i.e. XOR type not really helpfull)
* cipher text does not need to be as strong as TDES but a little harder than Base64 or simple character substitution/shift/mapping ?
* cipher text is unique -- so that audits and history info. -- based on the obfucated/cipher-text is not corrupted by the algorithm producing the same result for two different account numbers.
Any thoughts would be greatly appreciated...