| From: | Eric Soroos <eric-psql(at)soroos(dot)net> |
|---|---|
| To: | John R Pierce <pierce(at)hogranch(dot)com> |
| Cc: | pgsql-general List <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Looking for advice on database encryption |
| Date: | 2009-04-17 00:00:04 |
| Message-ID: | 2DC424B7-7303-4A31-85C0-8C59754461A1@soroos.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
>>
>> That's where we're having difficulty. Our requirements are that the
>> data must be strongly protected, but the appropriate people must be
>> able to do (often complex) searches on it that complete in record
>> time.
>>
>
> an index on the encrypted SSN field would do this just fine. if
> authorized person needs to find the record with a specific SSN, they
> encrypt that SSN and then look up the ciphertext in the database...
> done.
>
This will only work for e(lectronic?) code book ciphers, and not
chained block ciphers, since the initialization vector will randomize
the output of the encryption so that E(foo) != E(foo) just to prevent
this sort of attack.
You're looking for a hash function, since that's a one way, stable
function meant for comparing.
eric
| From | Date | Subject | |
|---|---|---|---|
| Next Message | John R Pierce | 2009-04-17 00:24:15 | Re: Looking for advice on database encryption |
| Previous Message | Francisco Figueiredo Jr. | 2009-04-16 23:43:20 | Re: need information |