[17418] in cryptography@c2.net mail archive
Re: encrypted tapes (was Re: Papers about "Algorithm hiding" ?)
daemon@ATHENA.MIT.EDU (Charles M. Hannum)
Thu Jun 9 09:33:58 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Charles M. Hannum" <root@ihack.net>
To: astiglic@okiok.com
Cc: "Adam Shostack" <adam@homeport.org>,
"Ken Buchanan" <k.buchanan@kastenchase.com>,
cryptography@metzdowd.com
In-Reply-To: <12030.207.236.193.195.1118265656.squirrel@mail.okiok.com>
Date: Thu, 9 Jun 2005 01:59:12 +0000
On Wednesday 08 June 2005 21:20, astiglic@okiok.com wrote:
> Yes, encrypting indexed columns for example is a problem. But if you
> limit yourself to encrypting sensitive information (I'm talking about
> stuff like SIN, bank account numbers, data that serves as an index to
> external databases and are sensitive with respect to identity theft),
> these sensitive information should not be the bases of searches.
> If they are not he basis of searches, there will be no performance
> problems related to encrypting them.
I can name at least one obvious case where "sensitive" data -- namely credit
card numbers -- is in fact something you want to search on: credit card
billing companies like CCbill and iBill. Without the ability to search by
CC#, customers are pretty screwed.
That said, I will never buy the "only encrypt sensitive data" argument. In my
experience, you *always* end up leaking something that way.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
