AES and Credit card number encryption

[Paul Rubin]

Tobiah <toby at tobiah.org> writes:
> I browsed this subject and thought I might use the 'AES' cypher
> scheme to do this.  Would this be a good choice?

There's more to it than that, but yes, AES is a good underlying
algorithm.

> So my real question is, how do I go about generating the best key.
> Isn't the length supposed to be a 2^n bits, and soforth?

AES key length is your choice of 128, 192, or 256 bits.  In practice
128 bits (16 bytes) is fine and is what most people use.  You should
use 16 completely random bytes.  Get these by reading them from
os.urandom(16), which is provided for basically this purpose.