Akademik Veri Yönetim Sistemi
2026 International Conference on Artificial Intelligence, Computer, Data Sciences and Applications (ACDSA), Marawi, Filipinler, 5 - 07 Şubat 2026, ss.1-5, (Tam Metin Bildiri)
With the enactment of version v4.0.1 of the Payment Card Industry Data Security Standard (PCI DSS), it has become mandatory for organizations conducting financial transactions to review their cryptographic solutions. This study aims to comparatively analyze the performance of different encryption algorithms, such as AES, DESEDE, and BLOWFISH, used to secure cardholder data on the ColdFusion 2025 platform, which is a server-side technology. In the study, load tests involving thousands of iterations were conducted using ColdFusion's builtin Encrypt() and Decrypt() functions, comparing modern modes recommended by PCI DSS, such as AES/GCM/NoPadding and AES/CBC/PKCS5Padding, against older and weak algorithms like RC4 and DESEDE. The findings revealed that the modes of AES were faster than insecure algorithms like RC4 or RC2, both in encryption and in the average decryption time. The AES/GCM/NoPadding mode, which offers the highest level of security, was observed to incur a slight performance cost due to providing integrity control, executing the process in 150 ms for encryption and 63 ms for decryption. In conclusion, for ColdFusion 2025 users seeking PCI DSS v4.0.1 compliance, AES/GCM/NoPadding is suggested as the most appropriate solution due to its integrity guarantee, although AES/CBC/PKCS5Padding offers an acceptable alternative in high-performance scenarios. The study provides evidence-based recommendations to prevent organizations from risking the use of deprecated algorithms like RC4 or older ones like DESEDE due to performance concerns, guiding them toward adopting solutions that are both secure and efficient.