From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ie0-f181.google.com (mail-ie0-f181.google.com [209.85.223.181]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Tue, 16 Dec 2014 13:22:40 +0100 (CET) Received: by mail-ie0-f181.google.com with SMTP id tp5so12666757ieb.12 for ; Tue, 16 Dec 2014 04:22:38 -0800 (PST) Received: from [192.168.0.10] (d233-64-141-225.dim.wideopenwest.com. [64.233.225.141]) by mx.google.com with ESMTPSA id vf6sm709892igb.6.2014.12.16.04.22.37 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 16 Dec 2014 04:22:37 -0800 (PST) From: bill Message-ID: <549023F9.5000708@TechServSys.com> Date: Tue, 16 Dec 2014 07:22:17 -0500 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="------------020709090104070609050208" Subject: [dm-crypt] Impossible task ? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de This is a multi-part message in MIME format. --------------020709090104070609050208 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit I have conflicting needs and fear that they may be unresolvable. I. I need to store patient names (3 fields: last, first, middle initial) with the first and last names encrypted. 2. I need to be able to do partial name lookups if the user enters a partial first or last name. I presume that after encryption the names are no longer in alphabetical order, so looking up using an encrypted partial name will not result in a set of names beginning with that partial name. Is there an approach to this, or need I go back to my boss and suggest "plan B." -- Bill Drescher william {at} TechServSys {dot} com --------------020709090104070609050208 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit I have conflicting needs and fear that they may be unresolvable.
I. I need to store patient names (3 fields: last, first, middle initial) with the first and last names encrypted.
2. I need to be able to do partial name lookups if the user enters a partial first or last name.

I presume that after encryption the names are no longer in alphabetical order, so looking up using an encrypted partial name will not result in a set of names beginning with that partial name.

Is there an approach to this, or need I go back to my boss and suggest "plan B."

-- 
Bill Drescher
william {at} TechServSys {dot} com

--------------020709090104070609050208-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from v6.tansi.org (ns.km31936-01.keymachine.de [87.118.116.4]) by mail.server123.net (Postfix) with ESMTP for ; Tue, 16 Dec 2014 16:58:51 +0100 (CET) Received: from gatewagner.dyndns.org (77-57-49-177.dclient.hispeed.ch [77.57.49.177]) by v6.tansi.org (Postfix) with ESMTPA id D847320DC655 for ; Tue, 16 Dec 2014 16:58:50 +0100 (CET) Date: Tue, 16 Dec 2014 16:58:50 +0100 From: Arno Wagner Message-ID: <20141216155850.GA736@tansi.org> References: <549023F9.5000708@TechServSys.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <549023F9.5000708@TechServSys.com> Subject: Re: [dm-crypt] Impossible task ? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Hi, not really a topic for this list, but I will answer anyways. No, you cannot do this. Proof idea: If you can do lookup, you can break the encryption by checking whether a person is in there via the lookup functionality. Sure, if you only allow proper partial names, the attacker does not get the last character of the name, but that does not help much. There are not enough names in the world to make this attack too costly, and the attacker can do it character-by-character by using longer and longer partial names. The thing is that the possibility of lookup directly implies the data is _not_ protected against reading it. Gr"usse, Arno On Tue, Dec 16, 2014 at 13:22:17 CET, bill wrote: > I have conflicting needs and fear that they may be unresolvable. > I. I need to store patient names (3 fields: last, first, middle > initial) with the first and last names encrypted. > 2. I need to be able to do partial name lookups if the user enters a > partial first or last name. > > I presume that after encryption the names are no longer in > alphabetical order, so looking up using an encrypted partial name > will not result in a set of names beginning with that partial name. > > Is there an approach to this, or need I go back to my boss and > suggest "plan B." > > -- > Bill Drescher > william {at} TechServSys {dot} com > > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from nm11-vm3.bullet.mail.ir2.yahoo.com (nm11-vm3.bullet.mail.ir2.yahoo.com [212.82.96.164]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Tue, 16 Dec 2014 23:26:12 +0100 (CET) Message-ID: <5490B183.80900@yahoo.com> Date: Tue, 16 Dec 2014 23:26:11 +0100 From: Quentin Lefebvre MIME-Version: 1.0 References: <549023F9.5000708@TechServSys.com> <20141216155850.GA736@tansi.org> In-Reply-To: <20141216155850.GA736@tansi.org> Content-Type: text/plain; charset="windows-1252"; format="flowed" Content-Transfer-Encoding: quoted-printable Subject: Re: [dm-crypt] Impossible task ? List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de There are some "order preserving encryption" (OPE) schemes, but they are=20 less secure. And indeed, it's not cryptsetup-related. I guess you should find something about that on Internet. Best regards, Quentin Le 16/12/2014 16:58, Arno Wagner a =E9crit : > Hi, > > not really a topic for this list, but I will answer anyways. > > No, you cannot do this. Proof idea: If you can do lookup, > you can break the encryption by checking whether a person is > in there via the lookup functionality. > > Sure, if you only allow proper partial names, the attacker > does not get the last character of the name, but that does > not help much. There are not enough names in the world to > make this attack too costly, and the attacker can do it > character-by-character by using longer and longer partial > names. > > The thing is that the possibility of lookup directly > implies the data is _not_ protected against reading it. > > Gr"usse, > Arno > > > On Tue, Dec 16, 2014 at 13:22:17 CET, bill wrote: >> I have conflicting needs and fear that they may be unresolvable. >> I. I need to store patient names (3 fields: last, first, middle >> initial) with the first and last names encrypted. >> 2. I need to be able to do partial name lookups if the user enters a >> partial first or last name. >> >> I presume that after encryption the names are no longer in >> alphabetical order, so looking up using an encrypted partial name >> will not result in a set of names beginning with that partial name. >> >> Is there an approach to this, or need I go back to my boss and >> suggest "plan B." >> >> -- >> Bill Drescher >> william {at} TechServSys {dot} com >> > >> _______________________________________________ >> dm-crypt mailing list >> dm-crypt@saout.de >> http://www.saout.de/mailman/listinfo/dm-crypt > >