Storing credit card details with mcrypt or GnuPG

Question

I have a requirement to store credit card details (not storing is NOT an option).

Using mcrypt with mcrypt_dev_random to generate init_vector takes varying ages to encry

Answer 1

For you the most important question is, what you need for PCI compliance. Don't produce some homebrew encryption. Read up on what it requires, and preferable delegate the credit card stuff to a specialized payment processor.

Using mcrypt with mcrypt_dev_random to generate init_vector takes varying ages to encrypt/decrypt but seems is the most 'secure' option. mcrypt_dev_urandom MUCH quicker but not suitable for long term storage - as I have read.

This shows some misunderstandings. For one an IV doesn't need to be secret. The quality of random numbers is less important.

But even for keys, /dev/urandom is good enough, provided it was seeded with sufficient entropy initially.