Re: db encryption and multiuser question

[Mark Smith]

I see what you mean. I guess I was thinking of the case when you're  
searching for an exact and whole db entry. It would also fail on  
comparative operators. Doh!

Best,
Mark

On 5 Feb 2008, at 17:11, Trevor DeVore wrote:

On Feb 5, 2008, at 10:23 AM, Mark Smith wrote:

Would that be true if you encrypted the search terms the same way  
you encrypted the data?

First of all, I am no encryption expert so the following is just  
based on what I've seen while using encryption.

The issue you have is that the encrypted version of a word most  
likely (it at all possible) will not appear in the encrypted  
version of a phrase containing that word. Here is an example using  
Blowfish:

"this is a bunny"
Salted__&rÎz∫ˆè˘ù2LÀúøbÆß«Ãô•Võ

"bunny"
Salted__∞.3Ǣfi∂Î<øÕÌ’@

So you can't really search for "bunny" within "this is a bunny"  
using the encrypted form.

Perhaps you could create an index of individual words in a separate  
field in the database for searching. Each word would be encrypted  
individually rather than all words as a whole. You would probably  
end up with a very big index though.

I imagine it is probably best to use a db with built in encryption  
if you need encryption and searching.

Regards,

--
Trevor DeVore
Blue Mango Learning Systems
www.bluemangolearning.com    -    www.screensteps.com

_______________________________________________
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your  
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution

_______________________________________________
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution