
Storing scrambled Social Security numbers

I need to store a Social Security number in a unique scrambled state...

The reason: I would require social numbers, but I do not want to store them open in case the database gets compromised.

I want to convert a Social Security number into a string of alphanumerics, and I prefer this to be a one-way process (not reversible).

Then, when I search for existing SSNs, I would use the same algorithm again on the user input, scramble the SSN, and search the database using the alphanumeric string.

In PHP, I could do something like this:

function maskSSN($SSN) {
    $salt = sha1(md5($SSN));
    $SCRAM = md5($SSN . $salt);
    return $SCRAM;
}

But I do not think that would produce unique values.

Andrew asked Mar 24 '23 00:03

1 Answer

With something with as little entropy as SSNs, I wouldn't recommend storing them unencrypted or hashed. It would be very feasible to brute force the SSNs if an attacker steals your database.

Instead you should encrypt the SSNs with AES-256 or better. Check out this SO question for more info about proper storage of the crypto key: Storing encryption keys -- best practices?

Freedom_Ben answered Apr 02 '23 10:04
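
An added example, not part of the original question or answer: one way to combine the answer's AES-256 advice with the question's need to search by SSN, storing an AES-256-GCM ciphertext alongside a keyed HMAC-SHA-256 lookup value. The HMAC lookup column, the function and column names, and the in-script keys are assumptions for illustration; in practice both keys are loaded from outside the database.

```php
<?php
declare(strict_types=1);
// Added example. Helper names and the ssn_index / ssn_enc columns are hypothetical.
function normalizeSsn(string $ssn): string
{
    $digits = (string) preg_replace('/\D/', '', $ssn);
    if (strlen($digits) !== 9) {
        throw new InvalidArgumentException('SSN must contain exactly 9 digits');
    }
    return $digits;
}

// Keyed, deterministic lookup value: the same SSN and key always give the same
// index, so the column can be searched and carry a UNIQUE constraint.
function ssnBlindIndex(string $ssn, string $indexKey): string
{
    return hash_hmac('sha256', normalizeSsn($ssn), $indexKey);
}

// AES-256-GCM with a fresh 12-byte nonce per record; stored as nonce|tag|ciphertext.
function encryptSsn(string $ssn, string $encKey): string
{
    $nonce = random_bytes(12);
    $tag = '';
    $ct = openssl_encrypt(normalizeSsn($ssn), 'aes-256-gcm', $encKey, OPENSSL_RAW_DATA, $nonce, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($nonce . $tag . $ct);
}

function decryptSsn(string $blob, string $encKey): string
{
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) <= 28) {
        throw new RuntimeException('malformed ciphertext');
    }
    [$nonce, $tag, $ct] = [substr($raw, 0, 12), substr($raw, 12, 16), substr($raw, 28)];
    $pt = openssl_decrypt($ct, 'aes-256-gcm', $encKey, OPENSSL_RAW_DATA, $nonce, $tag);
    if ($pt === false) {
        throw new RuntimeException('authentication failed'); // wrong key or tampered data
    }
    return $pt;
}

// Constructed demo: random keys and the invalid specimen number 078-05-1120.
[$encKey, $indexKey] = [random_bytes(32), random_bytes(32)];
$row = ['ssn_index' => ssnBlindIndex('078-05-1120', $indexKey), 'ssn_enc' => encryptSsn('078-05-1120', $encKey)];
var_dump(hash_equals($row['ssn_index'], ssnBlindIndex('078051120', $indexKey))); // search by index
var_dump(decryptSsn($row['ssn_enc'], $encKey) === '078051120');                  // round trip
```

If the index key is stolen together with the database, the lookup column can be enumerated just like an unkeyed hash, so both keys belong in a secrets store separate from the data.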