如何将社会安全号码安全地存储在数据库中? [英] How to I securely store social security numbers in a database?

问题描述

我正在开发一个Web应用程序，用户需要提交其社会保险号.

I'm working on a web application which the users will need to submit their social security numbers.

我想使用非对称密钥进行加密，因此，如果Web服务器受到威胁，则私钥仍然是安全的.该应用程序将不会在网络服务器上处理.

I would like to use asymmetric keys for encryption so if the web server is compromised the private key will still be safe. The application won't be processed on the webserver.

但是，应用程序需要能够确定SSN是否为A的重复项，不允许A重复，而B允许用户返回其应用程序.

However the app needs the ability to know if the SSN is a duplicate to A not allow duplicates and B to allow users to come back to their application.

可以做到吗?

使用类似于密码存储方式的单向哈希还是有意义的做法?

Does it make sense to use a one way hash similar to the way passwords are stored or will that compromise the data?

因为只有一个近似值. 100亿个SSN.这是否会产生任何哈希算法.容易受到暴力攻击.盐在这里会有所帮助吗?如果知道盐，它是否仍然容易受到蛮力攻击?是否可以正确隐藏盐，因为如果有人可以访问数据库，那么他们也可以访问盐?

Since there are only aprox. 10 Billion SSNs. Does that make any hashing alg. susceptible to brute force attacks. Will a salt help here? If the salt is known isn't it still susceptible to brute force? Is it possible to properly hide a salt since if someone has access to the database they also have access to the salt?

推荐答案

游戏有点晚了，但是我采取了两管齐下的方法.

A little late to the game, but I took a two-pronged approach.

我们将SSN分为两部分:

We split the SSN into two parts:

1. XXX-XX
2. 3847

使用某种加密算法(河豚?)或您选择的任何口味对SSN的第一部分进行加密.

The first part of the SSN is encrypted using some encryption algorithm (blowfish?) or whatever flavor you choose.

数据库:

--------------------------------------------------------
| ID    |   SSN-A    |   SSN-B    | ......   |         |
--------------------------------------------------------
|   1   | N1maA+HCRj |    3847    |    ...   |         |
|   2   | HCRjHQiEx/ |    7254    |    ...   |         |
--------------------------------------------------------

将记录导出或转储到CSV中以供另一个实体使用时，您可以一个接一个地解密SSN的第一部分，然后重新组装完整的SSN.

When records are exported or dumped into a CSV for consumption by another entity, you can decrypt the first part of the SSN one by one and then reassemble the complete SSN.

只要密钥被安全地存储，那么这里就有一种合理的安全感.这样做的附加好处是-虽然无法进行完整的SSN搜索，但是您至少可以使用后4位数字来限制它们.关于存储SSN的一整套规定，所以无论选择哪种方式-都要小心.

As long as the key is stored securely, then there is a reasonable sense of security here. The added benefit of this is - while you cannot do a whole SSN search, you can at least limit them by using the last 4 digits. There is a whole set of regulations around storing SSN's, so whatever way you choose - be careful.

修改

将列命名为SSN字段的不确定性也是很明智的.

It would also probably be wise to name the columns something non deterministic of an SSN field.

这篇关于如何将社会安全号码安全地存储在数据库中?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！