One of our customers who is big into security had a pretty good idea. Their concern was that if the sensitive data could be decrypted it was vulnerable and considered a security risk. They proposed using a one way encryption algorithm and then only comparing the hash values of the sensitive data - not the actual data itself. I am not certain which algorithm they were talking about.
Dov Rosenberg On 2/7/09 12:08 PM, "Michael Gentry" <[email protected]> wrote: > Here it is: > > http://people.apache.org/~mgentry/Security_Manifesto.pdf > > Joe had a few questions off-the-list (about how to do a query on an > encrypted value) and I'll try to update it soon, but that's the > current version I have. > > Comments appreciated, as always. > > mrg
