散列SSN和其他有限域信息 [英] Hashing SSNs and other limited-domain information
问题描述
我目前正在处理一个我们收到私人健康信息的应用程序。最大的问题之一是与SSN。目前,我们不使用SSN的任何东西,但在将来,我们希望能够使用它来唯一地识别多个设施的病人。我可以看到的唯一可靠的方法是通过SSN。但是,我们(除了我们的客户)真的不想存储SSN。
I'm currently working on an application where we receive private health information. One of the biggest concerns is with the SSN. Currently, we don't use the SSN for anything, but in the future we'd like to be able to use it to uniquely identify a patient across multiple facilities. The only way I can see to do that reliably is through the SSN. However, we (in addition to our customers) REALLY don't want to store the SSN.
当然,我想到只是SHA哈希,因为我们只是使用它进行识别。问题是,如果攻击者知道问题域(SSN),那么他们可以专注于该域。因此,计算十亿个SSN更容易,而不是几乎无限数量的密码。我知道我应该使用一个站点的盐和每个病人的盐,但还有什么我可以做,以防止攻击者揭露SSN?而不是SHA,我打算使用BCrypt,因为Ruby有一个很好的库,它处理可扩展的复杂性和自动化salting。
So naturally, I thought of just SHA hashing it since we're just using it for identification. The problem with that is that if an attacker knows the problem domain (an SSN), then they can focus on that domain. So it's much easier to calculate the billion SSNs rather than a virtually unlimited number of passwords. I know I should use a site salt and a per-patient salt, but is there anything else I can do to prevent an attacker from revealing the SSN? Instead of SHA, I was planning on using BCrypt, since Ruby has a good library and it handles scalable complexity and salting automagically.
它不会被用作密码。基本上,我们从许多设施获得消息,每个描述一个病人。接近患者的全球唯一标识符的唯一的事情是SSN号码。
It's not going to be used as a password. Essentially, we get messages from many facilities, and each describes a patient. The only thing close to a globally unique identifier for a patient is the SSN number. We are going to use the hash to identify the same patient at multiple facilities.
推荐答案
创建社会安全号码的算法已创建在黑客的概念之前,因此他们非常可预测。使用SSN进行身份验证是一个非常糟糕的主意,使用什么加密原语或者你的salt值有多大并不重要。在一天结束时,你试图保护的秘密没有太多的熵。
The algorithm for generating Social Security Numbers was created before the concept of a hacker and as a consequence they are extremely predictable. Using a SSN for authentication is a very bad idea, it really doesn't matter what cryptographic primitive you use or how large your salt value is. At the end of the day the "secret" that you are trying to protect doesn't have much entropy.
如果你从来不需要知道纯文本,那么你应该使用SHA-256。 SHA-256是一个非常好的功能,用于密码。
If you never need to know the plain text then you should use SHA-256. SHA-256 is a very good function to use for passwords.
这篇关于散列SSN和其他有限域信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
