http://qs321.pair.com?node_id=834118


in reply to Re^3: Creating a rainbow table for a ten-digit number: Advice?
in thread Creating a rainbow table for a ten-digit number: Advice?

What I am trying to prevent is to have a collection of "important" numbers in plaintext on a laptop, which will be moving around geographically and susceptible to theft.

A salted hash is a good way to make sure that these numbers are not stored in plaintext - and it is easy. The issue is that I will eventually, in a secured location without network access, need to reverse this hash (hence a rainbow table).

The laptops are already using full-disk encryption, but this provides only a single layer of defense against exposure - I am thinking about how to add another layer without doubling the number of passphrases to remember (or forget).


Re^5: Creating a rainbow table for a ten-digit number: Advice?
by ikegami (Patriarch) on Apr 11, 2010 at 19:04 UTC

    What I am trying to prevent is to have a collection of "important" numbers in plaintext on a laptop

    No one suggested that. We specifically said to put that information in the secret database, the one "that's under lock and key (of course)".

    You're ok with having a secret table that maps public ids to real ids. You were thinking of implementing that table as a rainbow table. All we're suggesting is that you implement that table in a much more straightforward manner:

        work db                secret db
       (laptop)          (under lock and key)
    +-----------+---    +-----------+---------+
    | public id | ...   | public id | real id |
    +-----------+---    +-----------+---------+

    The public id would simply be a unique random number. (Safer than a hash, and avoids the problem of collisions.)

    Now, this assumes the database is created before being placed on the laptop, but that's consistent with everything you've told us so far. You can still use the above method if you collect the numbers in the field, but only if the field has access to a remote service that provides the following function:

    $public_id = get_new_public_for($real_id);
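    The two-table layout above, as an added example in Python (not code from ikegami's post or from the thread). The schema, the SQLite in-memory databases and the ten-digit numbers are constructed for the demonstration; the function name get_new_public_for is taken from the post. Both databases live in one process here only so the example runs stand-alone; the point of the design is that the mapping table never travels with the laptop.

```python
import secrets
import sqlite3

# Two in-memory SQLite databases standing in for the two tables sketched
# above: the work db that travels on the laptop (public ids only) and the
# secret db that stays under lock and key (public id -> real id).
# Schema and sample numbers are constructed for this example.

def open_dbs():
    work = sqlite3.connect(":memory:")
    secret = sqlite3.connect(":memory:")
    work.execute("CREATE TABLE work (public_id TEXT PRIMARY KEY, notes TEXT)")
    secret.execute(
        "CREATE TABLE mapping (public_id TEXT PRIMARY KEY, real_id TEXT UNIQUE)")
    return work, secret

def get_new_public_for(secret, real_id):
    """Return the public id for real_id, allocating a fresh random one if needed.

    The public id is 64 random bits: it is not derived from real_id at all, so
    there is nothing to reverse and no hash collisions to worry about.  A
    repeated real_id gets its existing id back, keeping the mapping one-to-one.
    """
    row = secret.execute(
        "SELECT public_id FROM mapping WHERE real_id = ?", (real_id,)).fetchone()
    if row:
        return row[0]
    while True:
        public_id = secrets.token_hex(8)  # 16 hex chars from the OS CSPRNG
        try:
            secret.execute("INSERT INTO mapping VALUES (?, ?)", (public_id, real_id))
            return public_id
        except sqlite3.IntegrityError:
            continue  # public_id already used (astronomically unlikely): draw again

def reveal(secret, public_id):
    """Back at base: map a public id from the work db to the real number."""
    row = secret.execute(
        "SELECT real_id FROM mapping WHERE public_id = ?", (public_id,)).fetchone()
    return row[0] if row else None

def demo():
    work, secret = open_dbs()
    # Constructed ten-digit numbers; the third is a deliberate repeat.
    real_ids = ["4155551234", "2125559876", "4155551234"]
    for real in real_ids:
        pid = get_new_public_for(secret, real)
        work.execute("INSERT OR IGNORE INTO work VALUES (?, ?)", (pid, "collected"))
    # What a thief would find on the laptop: random ids only.
    laptop_rows = [r[0] for r in work.execute("SELECT public_id FROM work")]
    recovered = sorted(reveal(secret, p) for p in laptop_rows)
    return laptop_rows, recovered

if __name__ == "__main__":
    print(demo())
```

The check worth keeping in mind: every public id in the work db must be looked up in the secret db, never computed from the real id, otherwise the laptop copy becomes reversible again.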

      This is a good solution, save that I am not in constant contact with the people collecting the data, nor their laptops. So, to do this I would require some means of pre-arranging the relationship between "public" and "real" ids.

        I think you may be misunderstanding the Public Key advice.

        1. Back at base, you generate a public/private key pair. (Using, say, Crypt::RSA.)
        2. You give the public key to the laptop users.
        3. Within the script on the laptop, you use that public key to encrypt the numbers and you store the encrypted data in their DBs.

          You discard the numbers immediately.

        4. When they return to base, you can use the private key to decrypt those databases.

        Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
        "Science is about questioning the status quo. Questioning authority".
        In the absence of evidence, opinion is indistinguishable from prejudice.
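        The four steps above, as an added example that is not code from BrowserUk's post (which names Crypt::RSA in Perl); this version uses the third-party Python package `cryptography`, which is assumed to be installed, with RSA-OAEP in place of Crypt::RSA. The numbers are constructed. The detail that matters for the threat model is that OAEP padding is randomised: with a deterministic public-key encryption, the public key sitting on the laptop would let a thief encrypt every candidate ten-digit number and match it against the stored ciphertexts, so the padding is what makes step 3 safe.

```python
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import rsa, padding

# RSA-OAEP with SHA-256: randomised padding, so equal plaintexts do not
# produce equal ciphertexts.  Assumes the `cryptography` package is installed.
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def generate_keypair():
    """Step 1, at base: make the key pair.  Only the public key (PEM) leaves base."""
    private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    public_pem = private_key.public_key().public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo)
    return private_key, public_pem

def seal_in_field(public_pem, number):
    """Step 3, on the laptop: encrypt with the public key, keep only the ciphertext.
    The caller discards `number` immediately; nothing here can decrypt."""
    public_key = serialization.load_pem_public_key(public_pem)
    return public_key.encrypt(number.encode(), OAEP)

def open_at_base(private_key, ciphertext):
    """Step 4, back at base: decrypt with the private key that never travelled."""
    return private_key.decrypt(ciphertext, OAEP).decode()

def demo():
    private_key, public_pem = generate_keypair()
    numbers = ["4155551234", "2125559876"]          # constructed sample numbers
    laptop_db = [seal_in_field(public_pem, n) for n in numbers]
    # Randomised padding: sealing the same number again yields a different blob,
    # so the public key on the laptop cannot be used as a matching oracle.
    unlinkable = seal_in_field(public_pem, numbers[0]) != laptop_db[0]
    recovered = [open_at_base(private_key, c) for c in laptop_db]
    return recovered, unlinkable, len(laptop_db[0])

if __name__ == "__main__":
    print(demo())
```

A 2048-bit key gives 256-byte ciphertexts per number; for a few thousand numbers that is a few hundred kilobytes, so encrypting each value directly (no hybrid scheme) is fine at this scale.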
Re^5: Creating a rainbow table for a ten-digit number: Advice?
by BrowserUk (Patriarch) on Apr 11, 2010 at 18:52 UTC

    Do all the laptops have all the important numbers?

    Or just each have one (or a few), and any reversal done (and the DB stored), in your secure location?


      No, I will only be collecting a few hundred or thousand numbers, roughly split between two laptops. Reversal will be in a secure location.

        Okay, so you want to hash the numbers as they are collected in the field, salted with a memorised (manually entered) salt, and store only the hashes, so that should the laptop fall into the wrong hands, the real numbers are irretrievable.

        But then have a set of rainbow tables back at your secure location, built using the memorised salt+hash, that allows you to reverse the hashes.

        Barring that the bad guys torture you/the collectors for the memorised salt and build their own rainbow tables, that seems quite secure. (To me, but I'm no expert!).

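        The salted-hash scheme described in the last two replies, as an added example in Python (not code from the thread). The salt value and the numbers are constructed, and the candidate range is deliberately tiny so the block runs in well under a second; the real precomputed table would cover the full ten-digit space. It uses HMAC-SHA256 with the memorised salt as the key, which is the "salt+hash" of the post made explicit, and shows what the table at the secure location is: a plain digest-to-number dictionary over the candidate space, since the space is small enough that no rainbow-table chain reduction is needed.

```python
import hashlib
import hmac

def field_hash(salt, number):
    """On the laptop: HMAC-SHA256 of the number under the memorised salt.
    Only the hex digest is stored; the number itself is discarded at once."""
    return hmac.new(salt.encode(), number.encode(), hashlib.sha256).hexdigest()

def build_reverse_table(salt, candidates):
    """At the secure location: precompute digest -> number for every candidate.
    This is the 'rainbow table' of the thread; a plain dictionary does the job
    because each digest is computed directly from its number."""
    return {field_hash(salt, n): n for n in candidates}

def reverse(table, digest):
    """Look a stored digest up in the precomputed table (None if absent)."""
    return table.get(digest)

def candidate_block():
    # Constructed: a block of ten thousand ten-digit numbers, standing in for
    # the full 10^10 space so the demo stays small.
    return (f"{n:010d}" for n in range(4155550000, 4155560000))

def demo():
    salt = "correct horse battery staple"   # memorised; never stored on the laptop
    collected = ["4155551234", "4155559876"]  # constructed field data
    laptop_db = [field_hash(salt, n) for n in collected]   # all the laptop keeps

    table = build_reverse_table(salt, candidate_block())   # at base, right salt
    recovered = [reverse(table, d) for d in laptop_db]

    # The scheme's whole strength is the salt: a table built with any other
    # salt matches nothing, and anyone who learns the salt can build theirs.
    wrong = build_reverse_table("some other salt", candidate_block())
    misses = [reverse(wrong, d) for d in laptop_db]
    return recovered, misses

if __name__ == "__main__":
    print(demo())
```

Two sizing notes follow from the code: a table over all 10^10 numbers at 32-byte digests plus the number itself is on the order of a few hundred gigabytes, and because that space is so small, the memorised salt is effectively a secret key, which is exactly the "torture for the salt" caveat in the post above.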