encrypted tapes (was Re: Papers about "Algorithm hiding" ?)
Charles M. Hannum
root at ihack.net
Wed Jun 8 21:59:12 EDT 2005
On Wednesday 08 June 2005 21:20, astiglic at okiok.com wrote:
> Yes, encrypting indexed columns for example is a problem. But if you
> limit yourself to encrypting sensitive information (I'm talking about
> stuff like SIN, bank account numbers, data that serves as an index to
> external databases and are sensitive with respect to identity theft),
> these sensitive information should not be the bases of searches.
> If they are not he basis of searches, there will be no performance
> problems related to encrypting them.
I can name at least one obvious case where "sensitive" data -- namely credit
card numbers -- is in fact something you want to search on: credit card
billing companies like CCbill and iBill. Without the ability to search by
CC#, customers are pretty screwed.
That said, I will never buy the "only encrypt sensitive data" argument. In my
experience, you *always* end up leaking something that way.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list