Re: SSN encryption
From: David Wagner (daw_at_taverner.cs.berkeley.edu)
Date: Fri, 30 Sep 2005 23:18:31 +0000 (UTC)
John E. Hadstate wrote:
>Pardon me if this suggestion has already been advanced. I'd
>suggest that for each SSN in your file you:
>1. pad it to 128 bits and,
>2. encrypt the padded SSN using AES128 with the padded SSN
>In the absence of collisions, each SSN will map to a unique
>value and the work required to reverse the encryption will
By "incomprehensible", do you mean "negligible"?
One can exhaustively search the space of SSNs in minutes.
This means that a dictionary search suffices to recover the
SSN from this obfuscated version of the SSN in minutes. The
work factor is at most 2^33, and that's an overestimate for
One can even precompute a lookup table that allows to subsequently
invert obfuscated SSNs in no time at all.