Re: SSN encryption
From: David Wagner (daw_at_taverner.cs.berkeley.edu)
Date: 10/01/05
- Next message: John Hadstate: "Re: SSN encryption"
- Previous message: David Wagner: "Re: Matrix algebra cipher, still usable for some tasks..."
- Maybe in reply to: Peter Pearson: "Re: SSN encryption"
- Next in thread: John Hadstate: "Re: SSN encryption"
- Reply: John Hadstate: "Re: SSN encryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 30 Sep 2005 23:18:31 +0000 (UTC)
John E. Hadstate wrote:
>Pardon me if this suggestion has already been advanced. I'd
>suggest that for each SSN in your file you:
>
>1. pad it to 128 bits and,
>
>2. encrypt the padded SSN using AES128 with the padded SSN
>as
>the key.
>
>In the absence of collisions, each SSN will map to a unique
>value and the work required to reverse the encryption will
>be incomprehensible.
By "incomprehensible", do you mean "negligible"?
One can exhaustively search the space of SSNs in minutes.
This means that a dictionary search suffices to recover the
SSN from this obfuscated version of the SSN in minutes. The
work factor is at most 2^33, and that's an overestimate for
several reasons.
One can even precompute a lookup table that allows to subsequently
invert obfuscated SSNs in no time at all.
- Next message: John Hadstate: "Re: SSN encryption"
- Previous message: David Wagner: "Re: Matrix algebra cipher, still usable for some tasks..."
- Maybe in reply to: Peter Pearson: "Re: SSN encryption"
- Next in thread: John Hadstate: "Re: SSN encryption"
- Reply: John Hadstate: "Re: SSN encryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
