Re: SSN encryption
From: Peter Pearson (ppearson_at_nowhere.invalid)
Date: 09/29/05
- Next message: Unruh: "Re: The effects of quantum computers"
- Previous message: Henning Sponbiel: "q"
- In reply to: drfremove_at_nber.org: "SSN encryption"
- Next in thread: drfremove_at_nber.org: "Re: SSN encryption"
- Reply: drfremove_at_nber.org: "Re: SSN encryption"
Date: Thu, 29 Sep 2005 09:23:06 -0700
drfremove@nber.org wrote:
> We want to encrypt social security numbers in a database.

You've triggered Pearson's predictable "clarify your requirements"
lecture. Regular sci.crypt readers can move along.

You need clarity in your requirements. Without clarity,
(a) you won't get useful help, and (b) you can't tell
whether or not the final design meets your requirements.
If you're not sure where you're going, you'll never know
whether you've arrived.

"We want to encrypt X" is not a requirement; rather, it's
an implementation suggestion. A good requirement sounds
like this: "It should be computationally infeasible for
someone knowing A, B, and C, but not knowing D, to guess
the value of E with probability of success greater than F."

If you can't separate the data-security function from the
rest of your application cleanly enough to articulate the
necessary requirements, then you'll have to hire a cryptographer
who can study the whole application.

So .... you have a database that includes SSNs. It appears that
you're using the SSN as an index into the database, and that
you want to deny somebody the ability to extract certain
information from the database.

Why not just encrypt the entire database with a secret key?

Is the database shared? If so, how much are the users
trusted? Can they share a secret key? Must they all be
able to modify the database?

--
Peter Pearson
To get my email address, substitute: nowhere -> spamcop, invalid -> net