Is there any encryption method for int column?

views:

220

answers:

+4 Q:

Is there any encryption method for int column?

The scenario is that I want to encrypt finance numbers in a int column of a table of sql server and it is a big app so it is difficult to change the table column type from int to any other type.

I use sql server 2005 and asp.net C#.

Is there any two-way encryption method for int column of a table?

It can be user-defined-function in sql server 2005 or C# method.

+1 A:

XOR?

Hmm, need more text...

leppie 2010-03-23 07:08:12

XOR is not so good because the same value will result in the same encrypted value. And "close" integers will also result in close values. (Unless you use a different XOR for every row).

Thilo 2010-03-23 07:28:01

Hence the :) after the answer.

leppie 2010-03-23 07:36:15

There are a few two way encryption schemes available in .Net.

http://stackoverflow.com/questions/165808/simple-2-way-encryption-for-c

You can either convert the integer to it's byte array equivalent or convert it to a base-64 string and encrypt that.

Spencer Ruport 2010-03-23 07:10:01

None of them are FROM int TO int, though. That is the main problem. In any sensible scheme, the result is a long as the key. For an Int to Int encryoption a replacement table is the only solution I can come up with, and that would have 4 billion entries ;) Or some bitshifting (like XOR), but that hardly counts as encryption.

TomTom 2010-03-23 07:12:44

Yes. The main problem is "FROM int TO int".

Mike108 2010-03-23 07:20:14

Mike why would you do that? Encrypted data is supposed to be useless to look at. In light of that why would you care what type the encrypted result is?

Spencer Ruport 2010-03-23 15:47:28

@Spencer Ruport: Because it is a old-big app that is hard to change the column type.

Mike108 2010-03-24 01:28:29

That doesn't make any sense. If your big old app is expecting the unencrypted value then you're still going to have to make changes everywhere that make it expect the encrypted value. And if you're going to do that it's not much more of a hassle to change the field type.

Spencer Ruport 2010-03-24 01:34:10

+3 A:

I'm sorry but I simply can't see the rationale for encrypting numbers in a database. If you want to protect the data from prying eyes, surely SQL Server has security built into it, yes?

In that case, protect the database with its standard security. If not, get a better DBMS (though I'd be surprised if this were necessary).

If you have bits of information from that table that you want to make available (like some columns but not others), use a view, or a trigger to update another table (less secured), or a periodic transfer to that table.

paxdiablo 2010-03-23 07:19:15

Well, every injective, surjective function from int to int can be used as a way to "encode" an integer.

You could build such a function by creating a random array with 65536 items with no duplicate entries und using f(i) = a[i]. To "decode" your int you simply create another array with b[i] = x | a[x] = i.

As the others have mentioned, this may not be what you REALLY want to do. =)

Edit: Check out Jim Dennis' comment!

Jens 2010-03-23 07:26:43

Problem with this is that the same value will result in the same encrypted value. So you can still find pairs of people with the same salary.

Thilo 2010-03-23 07:36:18

You might be able to do it with with an extra column containing salt. If the salt values are large enough (32 random values, for example) then you eliminate almost all collisions. (I could even have a UNIQUE constraint on the salt column, enforced by the RDBMS engine).Overall the idea here is still absurd ... but theoretically ...

Jim Dennis 2010-03-23 07:46:16

You might want to look at format preserving encryption.

Accipitridae 2010-03-26 07:34:04

ansaurus

tags:

views:

answers:

Is there any encryption method for int column?

related questions