Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to compare encrypted strings with random seeds?

I want to store profile details encrypted within a database. However, some details should be unique, and since the encryption algorithm randomizes the seed for each encryption, it's exhaustive to tell whether the value is already stored within the database.

  • I could loop through each row and decrypt the necessary column, but that would take too long if the number of rows is large.
  • I could store hashes of these (unencrypted) details but that would kill the point of encryption in the first place.

So, how do I compare an encrypted string (with random seed) with others saved in the database?

Any help is highly appreciated. Encryption is made with php (MCRYPT_RIJNDAEL_256/NOFB), database is MySQL.

Edit/solution: Storing the data hashed in addition to the encrypted value seems to be my best solution. That makes validation of unique columns easy enough for me. Thanks to everyone leaving their comments/answers.

like image 670
Alasjo Avatar asked Jan 02 '12 09:01

Alasjo


1 Answers

You've chosen an algorithm that doesn't provide a capability you now say you need. You need to work out your requirements before you choose an algorithm.

like image 168
David Schwartz Avatar answered Nov 08 '22 18:11

David Schwartz