| From: | John R Pierce <pierce(at)hogranch(dot)com> |
|---|---|
| To: | Eric Soroos <eric-psql(at)soroos(dot)net> |
| Cc: | pgsql-general List <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Looking for advice on database encryption |
| Date: | 2009-04-17 00:24:15 |
| Message-ID: | 49E7CC2F.3050305@hogranch.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Eric Soroos wrote:
>> an index on the encrypted SSN field would do this just fine. if
>> authorized person needs to find the record with a specific SSN, they
>> encrypt that SSN and then look up the ciphertext in the database...
>> done.
>>
>
> This will only work for e(lectronic?) code book ciphers, and not
> chained block ciphers, since the initialization vector will randomize
> the output of the encryption so that E(foo) != E(foo) just to prevent
> this sort of attack.
can those sorts of chained block ciphers decode blocks in a different
order than they were originally encoded? for this sort of
application, wouldn't each field or record pretty much have to be
encrypted discretely so that they can be decrypted in any order, or any
single record be decrypted on its own?
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bill Moran | 2009-04-17 00:29:01 | Re: Looking for advice on database encryption |
| Previous Message | Eric Soroos | 2009-04-17 00:00:04 | Re: Looking for advice on database encryption |