unique pemutation using 3DES
- From: marvind434 <marvind434@xxxxxxxxx>
- Date: Thu, 22 Apr 2010 12:25:33 -0700 (PDT)
I am working on a problem where we have to share account ids with
another party. Account ids in this problem are 64 bit numeric
quantities. We do not want to reveal the id but want to preserve 1:1
mapping to allow 3rd party to correlate using the transformed id on
some event stream. The number of ids is huge and grows every day.
Furthermore the mapped quantity should be 64 bit numeric as well due
to limitations on 3rd party site. I thought may be I could use encrypt
account id using 3DES in ECB mode and just return the final block as
64 bit numeric quantity.
I have read that the block ciphers can be considered to be pseudo
random permutations and want to know if my approach is correct.
Normally if there was no constraint on output size, we would just
return a MAC and live with low chance of collision. I also think
XOR'ing each account id with a fixed random number that we keep secret
is not a good idea because it will leak relationship between account
I am open to other suggestions as well but I want to avoid storing any
per account id meta data.
- Prev by Date: Re: entropy and the Yarrow PRNG for key generation
- Next by Date: Re: unique pemutation using 3DES
- Previous by thread: entropy and the Yarrow PRNG for key generation
- Next by thread: Re: unique pemutation using 3DES