On Wednesday 08 June 2005 21:20, [EMAIL PROTECTED] wrote: > Yes, encrypting indexed columns for example is a problem. But if you > limit yourself to encrypting sensitive information (I'm talking about > stuff like SIN, bank account numbers, data that serves as an index to > external databases and are sensitive with respect to identity theft), > these sensitive information should not be the bases of searches. > If they are not he basis of searches, there will be no performance > problems related to encrypting them.
I can name at least one obvious case where "sensitive" data -- namely credit card numbers -- is in fact something you want to search on: credit card billing companies like CCbill and iBill. Without the ability to search by CC#, customers are pretty screwed. That said, I will never buy the "only encrypt sensitive data" argument. In my experience, you *always* end up leaking something that way. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]