DM-Crypt Archive on lore.kernel.org
 help / color / mirror / Atom feed
* [dm-crypt] Impossible task ?
@ 2014-12-16 12:22 bill
  2014-12-16 15:58 ` Arno Wagner
  0 siblings, 1 reply; 3+ messages in thread
From: bill @ 2014-12-16 12:22 UTC (permalink / raw)
  To: dm-crypt

[-- Attachment #1: Type: text/plain, Size: 612 bytes --]

I have conflicting needs and fear that they may be unresolvable.
I. I need to store patient names (3 fields: last, first, middle 
initial) with the first and last names encrypted.
2. I need to be able to do partial name lookups if the user 
enters a partial first or last name.

I presume that after encryption the names are no longer in 
alphabetical order, so looking up using an encrypted partial name 
will not result in a set of names beginning with that partial name.

Is there an approach to this, or need I go back to my boss and 
suggest "plan B."

-- 
Bill Drescher
william {at} TechServSys {dot} com


[-- Attachment #2: Type: text/html, Size: 949 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [dm-crypt] Impossible task ?
  2014-12-16 12:22 [dm-crypt] Impossible task ? bill
@ 2014-12-16 15:58 ` Arno Wagner
  2014-12-16 22:26   ` Quentin Lefebvre
  0 siblings, 1 reply; 3+ messages in thread
From: Arno Wagner @ 2014-12-16 15:58 UTC (permalink / raw)
  To: dm-crypt

Hi,

not really a topic for this list, but I will answer anyways.

No, you cannot do this. Proof idea: If you can do lookup, 
you can break the encryption by checking whether a person is 
in there via the lookup functionality.

Sure, if you only allow proper partial names, the attacker 
does not get the last character of the name, but that does 
not help much. There are not enough names in the world to
make this attack too costly, and the attacker can do it 
character-by-character by using longer and longer partial
names.

The thing is that the possibility of lookup directly
implies the data is _not_ protected against reading it.

Gr"usse,
Arno


On Tue, Dec 16, 2014 at 13:22:17 CET, bill wrote:
> I have conflicting needs and fear that they may be unresolvable.
> I. I need to store patient names (3 fields: last, first, middle
> initial) with the first and last names encrypted.
> 2. I need to be able to do partial name lookups if the user enters a
> partial first or last name.
> 
> I presume that after encryption the names are no longer in
> alphabetical order, so looking up using an encrypted partial name
> will not result in a set of names beginning with that partial name.
> 
> Is there an approach to this, or need I go back to my boss and
> suggest "plan B."
> 
> -- 
> Bill Drescher
> william {at} TechServSys {dot} com
> 

> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [dm-crypt] Impossible task ?
  2014-12-16 15:58 ` Arno Wagner
@ 2014-12-16 22:26   ` Quentin Lefebvre
  0 siblings, 0 replies; 3+ messages in thread
From: Quentin Lefebvre @ 2014-12-16 22:26 UTC (permalink / raw)
  To: dm-crypt

There are some "order preserving encryption" (OPE) schemes, but they are 
less secure.
And indeed, it's not cryptsetup-related.

I guess you should find something about that on Internet.

Best regards,
Quentin

Le 16/12/2014 16:58, Arno Wagner a écrit :
> Hi,
>
> not really a topic for this list, but I will answer anyways.
>
> No, you cannot do this. Proof idea: If you can do lookup,
> you can break the encryption by checking whether a person is
> in there via the lookup functionality.
>
> Sure, if you only allow proper partial names, the attacker
> does not get the last character of the name, but that does
> not help much. There are not enough names in the world to
> make this attack too costly, and the attacker can do it
> character-by-character by using longer and longer partial
> names.
>
> The thing is that the possibility of lookup directly
> implies the data is _not_ protected against reading it.
>
> Gr"usse,
> Arno
>
>
> On Tue, Dec 16, 2014 at 13:22:17 CET, bill wrote:
>> I have conflicting needs and fear that they may be unresolvable.
>> I. I need to store patient names (3 fields: last, first, middle
>> initial) with the first and last names encrypted.
>> 2. I need to be able to do partial name lookups if the user enters a
>> partial first or last name.
>>
>> I presume that after encryption the names are no longer in
>> alphabetical order, so looking up using an encrypted partial name
>> will not result in a set of names beginning with that partial name.
>>
>> Is there an approach to this, or need I go back to my boss and
>> suggest "plan B."
>>
>> --
>> Bill Drescher
>> william {at} TechServSys {dot} com
>>
>
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt@saout.de
>> http://www.saout.de/mailman/listinfo/dm-crypt
>
>

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-12-16 22:26 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-12-16 12:22 [dm-crypt] Impossible task ? bill
2014-12-16 15:58 ` Arno Wagner
2014-12-16 22:26   ` Quentin Lefebvre

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox