symmetric-key

I've never had to deal with PCI compliance before. I've been reading their documentation and it says I need to protect the credit card number, expiration date and the card holder's name. No storage of security codes ever. In their documentation, it just says protect. Is this saying I need to encrypt these 3 columns in my database? I thought only the number was the data that needed to be encrypted. Either way, I'm fine with. If I need to encrypt all three columns, do I share one certificate and have 3 symmetric keys, or will I only need 1 of each, with that symmetric key being used on all 3

I am beginning to learn crypto algorithms and I understand how the above mentioned algorithms work. Is it that the key length of AES is longer? Which steps of AES encryption makes it less vulnerable than DES? DES was designed with an effective key length of 56 bits, which is vulnerable to exhaustive search . It also has some weaknesses against differential and linear cryptanalysis: these allow to recover the key using, respectively, 2 47 chosen plaintexts, or 2 43 known plaintexts. A known plaintext is an encrypted block (an 8-byte block, for DES) for which the attacker knows the corresponding