Re: [MLUG] unidirectional key?

Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: MLUG Members <EMAIL:PROTECTED>
Subject: Re: [MLUG] unidirectional key?
From: Mike Miller <EMAIL:PROTECTED>
Date: Wed, 9 Jul 2003 18:56:35 -0500 (CDT)
In-reply-to: <EMAIL:PROTECTED>
List-archive: <http://mlug.missouri.edu/pipermail/members>
List-help: <mailto:EMAIL:PROTECTED>
List-id: MLUG Members <members.mlug.missouri.edu>
List-post: <mailto:EMAIL:PROTECTED>
List-subscribe: <http://mlug.missouri.edu/mailman/listinfo/members>,<mailto:EMAIL:PROTECTED>
List-unsubscribe: <http://mlug.missouri.edu/mailman/listinfo/members>,<mailto:EMAIL:PROTECTED>
References: <EMAIL:PROTECTED><EMAIL:PROTECTED>
Reply-to: MLUG Members <EMAIL:PROTECTED>
Sender: EMAIL:PROTECTED

On Wed, 9 Jul 2003, Dave Lloyd wrote:

> How about a md5 hash of the name?  I thought those were unidirectional.

I think you have a good idea.  I've now proposed to our people that we use
MD5.  You can read my proposal below.  Thanks for the tips!

Mike


Date: Wed, 9 Jul 2003 18:18:22 -0500 (CDT)
From: Mike Miller <EMAIL:PROTECTED>

Here's a scheme.  This uses MD5 encryption.  We would take identifying
information and use MD5 to translate that information into a special ID
called an "MD5 fingerprint."  That fingerprint would be stored with the
subject's data.  It would be impossible to learn anything about a subject
from the MD5 fingerprint - we can't back-translate.  But, if we had the
identifying information used to create the fingerprint, we could recreate
the fingerprint and find the subject's data so that we could add something
to it.

We would need to decide exactly what identifying info will be used to
create the MD5 fingerprint.  I don't know what identifying info we would
be presented with when we want to add data to the database -- would it be
just first and last name, sex, birthdate?  Let's pretend that's the plan.
We would have to prepare a string of characters using that information
like this, say:

Michael Miller M 05191958

first<space>last<space>sex(MF)<space>mmddyyyy

If this string is unique for every subject, we could then create a unique
MD5 fingerprint for every subject.  The fingerprint would be stored in the
database and the subject's name would be removed.

It would be even easier if new data would be coming to us using a unique
ID instead of name, sex, birthday.  We could then just use the unique ID
to make the MD5 fingerprint and delete the unique ID from the database.

The MD5 is perfectly secure, so far as we know -- there is no way to use
it to tell anything about the source (identifying info), and there is no
way that two different info sources will produce the same MD5 fingerprint.

Would that help?

Here's a simple manual page on MD5:
http://www.hmug.org/man/3/md2.html
More basic info:
http://www.fourmilab.ch/md5/
Somewhat more technical stuff:
http://userpages.umbc.edu/~mabzug1/cs/md5/md5.html

Best,

Mike
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members

Follow-Ups:
- Re: [MLUG] unidirectional key?
  - From: Michael <EMAIL:PROTECTED>

References:
- [MLUG] unidirectional key?
  - From: Mike Miller <EMAIL:PROTECTED>
- Re: [MLUG] unidirectional key?
  - From: Dave Lloyd <EMAIL:PROTECTED>

Prev by Date: Re: [MLUG] unidirectional key?
Next by Date: Re: [MLUG] unidirectional key?
Previous by thread: Re: [MLUG] unidirectional key?
Next by thread: Re: [MLUG] unidirectional key?
Index(es):
- Date
- Thread