db encryption and multiuser question

[Trevor DeVore]

On Feb 5, 2008, at 10:23 AM, Mark Smith wrote:

> Would that be true if you encrypted the search terms the same way  
> you encrypted the data?

First of all, I am no encryption expert so the following is just based  
on what I've seen while using encryption.

The issue you have is that the encrypted version of a word most likely  
(it at all possible) will not appear in the encrypted version of a  
phrase containing that word. Here is an example using Blowfish:

"this is a bunny"
Salted__&rÎz∫ˆè˘ù2LÀúøbÆß«Ãô•Võ

"bunny"
Salted__∞.3Ǣfi∂Î<øÕÌ’@

So you can't really search for "bunny" within "this is a bunny" using  
the encrypted form.

Perhaps you could create an index of individual words in a separate  
field in the database for searching. Each word would be encrypted  
individually rather than all words as a whole. You would probably end  
up with a very big index though.

I imagine it is probably best to use a db with built in encryption if  
you need encryption and searching.

Regards,

-- 
Trevor DeVore
Blue Mango Learning Systems
www.bluemangolearning.com    -    www.screensteps.com