One of our customers who is big into security had a pretty good idea. Their
concern was that if the sensitive data could be decrypted, it was vulnerable
and considered a security risk. They proposed using a one-way encryption
algorithm and then only comparing the hash values of the sensitive data -
not the actual data itself. I am not certain which algorithm they were
talking about.

Dov Rosenberg

On 2/7/09 12:08 PM, "Michael Gentry" <mgentr..asslight.net> wrote:
> Here it is:
>
> http://people.apache.org/~mgentry/Security_Manifesto.pdf
>
> Joe had a few questions off-the-list (about how to do a query on an
> encrypted value) and I'll try to update it soon, but that's the
> current version I have.
>
> Comments appreciated, as always.
>
> mrg
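
The hash-comparison idea from the message above, as an added example that is not from the thread or the linked document. It assumes HMAC-SHA256 as the one-way function, since the message names no algorithm; the key, table layout and sample values are constructed for illustration.

```python
import hashlib
import hmac
import sqlite3

# Constructed demo key (assumption): in practice it is kept outside the database.
# A keyed digest is used because a plain unkeyed hash over a small value space
# can be recomputed by anyone who obtains the table.
INDEX_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def normalize(value: str) -> bytes:
    """Canonicalize so '000-00-0001' and '000 00 0001' index identically."""
    return "".join(ch for ch in value if ch.isalnum()).upper().encode("utf-8")


def blind_index(value: str, key: bytes = INDEX_KEY) -> str:
    """Keyed one-way digest: equal inputs give equal output, nothing to decrypt."""
    return hmac.new(key, normalize(value), hashlib.sha256).hexdigest()


def open_store() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customer (name TEXT, ssn_index TEXT)")
    db.execute("CREATE INDEX idx_ssn ON customer (ssn_index)")
    return db


def add_customer(db: sqlite3.Connection, name: str, ssn: str) -> None:
    # Only the digest is stored; the plaintext never reaches the table.
    db.execute("INSERT INTO customer VALUES (?, ?)", (name, blind_index(ssn)))


def find_by_ssn(db: sqlite3.Connection, ssn: str) -> list:
    """Equality query on the sensitive field by comparing digests only."""
    sql = "SELECT name FROM customer WHERE ssn_index = ?"
    return [row[0] for row in db.execute(sql, (blind_index(ssn),))]


def matches(stored_index: str, candidate: str) -> bool:
    """Application-side check using a constant-time comparison."""
    return hmac.compare_digest(stored_index, blind_index(candidate))


def demo() -> sqlite3.Connection:
    db = open_store()
    add_customer(db, "Alice", "000-00-0001")  # constructed sample values
    add_customer(db, "Bob", "000-00-0002")
    return db


if __name__ == "__main__":
    print(find_by_ssn(demo(), "000 00 0001"))
```

This supports exact-match lookups only; range or substring queries cannot be answered from the digest column.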
This archive was generated by hypermail 2.0.0 : Sat Feb 07 2009 - 13:51:37 EST