散列SSN和其他有限域信息 [英] Hashing SSNs and other limited-domain information
问题描述
我目前正在处理一个收到私人健康信息的应用程序。最大的问题之一就是SSN。目前,我们不使用SSN作为任何东西,但是将来我们希望能够使用它来唯一地识别多个设施中的患者。我可以看到的唯一方法是可靠地通过SSN。但是,我们(除了我们的客户)真的不想存储SSN。
I'm currently working on an application where we receive private health information. One of the biggest concerns is with the SSN. Currently, we don't use the SSN for anything, but in the future we'd like to be able to use it to uniquely identify a patient across multiple facilities. The only way I can see to do that reliably is through the SSN. However, we (in addition to our customers) REALLY don't want to store the SSN.
很自然,我想到只有SHA哈希,因为我们只是用它来识别。问题在于,如果攻击者知道问题域(SSN),那么他们可以专注于该域。因此,计算十亿个SSN而不是几乎无限数量的密码要容易得多。我知道我应该使用盐和盐酸盐,但还有什么可以做的,以防止攻击者透露SSN?而不是SHA,我正在计划使用BCrypt,因为Ruby有一个很好的库,它可以自动处理可扩展的复杂性和盐析。
So naturally, I thought of just SHA hashing it since we're just using it for identification. The problem with that is that if an attacker knows the problem domain (an SSN), then they can focus on that domain. So it's much easier to calculate the billion SSNs rather than a virtually unlimited number of passwords. I know I should use a site salt and a per-patient salt, but is there anything else I can do to prevent an attacker from revealing the SSN? Instead of SHA, I was planning on using BCrypt, since Ruby has a good library and it handles scalable complexity and salting automagically.
它不会被用作密码。本质上,我们从许多设施获得信息,每个都描述一个病人。唯一接近全球唯一标识符的病人是SSN号码。我们将使用哈希识别多个设施中的同一病人。
It's not going to be used as a password. Essentially, we get messages from many facilities, and each describes a patient. The only thing close to a globally unique identifier for a patient is the SSN number. We are going to use the hash to identify the same patient at multiple facilities.
推荐答案
创建社会安全号码的算法已创建在黑客的概念之前,因此他们是极其可预测的。使用SSN进行身份验证是一个非常糟糕的主意,您使用的加密原语或您的盐值有多大,这并不重要。在一天结束的时候,你要保护的秘密没有太多的熵。
The algorithm for generating Social Security Numbers was created before the concept of a hacker and as a consequence they are extremely predictable. Using a SSN for authentication is a very bad idea, it really doesn't matter what cryptographic primitive you use or how large your salt value is. At the end of the day the "secret" that you are trying to protect doesn't have much entropy.
如果你不需要知道纯文本,那么你应该使用SHA-256。 SHA-256是用于密码的非常好的功能。
If you never need to know the plain text then you should use SHA-256. SHA-256 is a very good function to use for passwords.
这篇关于散列SSN和其他有限域信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
