Home Forums Article Discussions Article Discussions by Author Discuss Content Posted by Michael Coles Free Encryption RE: Free Encryption

  • July 21, 2005 at 9:50 am

    #576133

    A "whole system" kindof question though:

    Where should the data get decrypted?  For SSN's I almost think it should not be decrypted, but the user input should be encrypting and the crypted strings matched (like a hash table, but you don't have to worry about collisions); you could retrieve based on the SSN, but it would never be exposed...

    Where would you store the keys?

    What do people think about using a public/private key system where you would encrypt the SSN's with your public key, and do the same match above, keeping the private key on a USB fob or someplace entirely separate so even if the database is stolen, the contents cannot be decrypted...

    OTOH, if you decrypt as part of a sproc/view/whatever, doesn't it get sent over the network as plaintext?  Is that worrisome or am I just being too paranoid (I'm usually a dev dude, so I know very little about what goes on in the networking/biz spaces).