Re: SQL 2005 - Searching Encrypted SSN
- From: "Laurentiu Cristofor [MSFT]" <laur@xxxxxxxxxx>
- Date: Wed, 5 Jul 2006 12:13:32 -0700
Of course you are better: if you have two pieces of data encrypted with
different IVs, you're not going to be able to tell whether they're identical
or not, but if you use a fixed IV, the blobs will be identical. Storing the
IVs with the data is ok, they're not supposed to be secret; the encryption
key is the secret.
Thanks
--
Laurentiu Cristofor [MSFT]
Software Design Engineer
SQL Server Engine
http://blogs.msdn.com/lcris/
This posting is provided "AS IS" with no warranties, and confers no rights.
"Mike C#" <xyz@xxxxxxx> wrote in message
news:euP%23laCoGHA.4248@xxxxxxxxxxxxxxxxxxxxxxx
"Laurentiu Cristofor [MSFT]" <laur@xxxxxxxxxx> wrote in message
news:%23Bf6msGnGHA.4104@xxxxxxxxxxxxxxxxxxxxxxx
If you use a fixed salt, then you compromise on security.
If you store the IV with the data you are no better off.
.
- Follow-Ups:
- Re: SQL 2005 - Searching Encrypted SSN
- From: Mike C#
- Re: SQL 2005 - Searching Encrypted SSN
- References:
- Re: SQL 2005 - Searching Encrypted SSN
- From: Mike C#
- Re: SQL 2005 - Searching Encrypted SSN
- Prev by Date: Re: "Random IV"?
- Next by Date: RE: "Random IV"?
- Previous by thread: Re: SQL 2005 - Searching Encrypted SSN
- Next by thread: Re: SQL 2005 - Searching Encrypted SSN
- Index(es):
Relevant Pages
|
