in reply to Re^4: Creating a rainbow table for a ten-digit number: Advice?
in thread Creating a rainbow table for a ten-digit number: Advice?
What I am trying to prevent is to have a collection of "important" numbers in plaintext on a laptop
Noone suggested that. We said specifically said to put that information in the secret database, the one "that's under lock and key (of course)".
You're ok with haveing a secret table that maps public ids to real ids. You were thinking of implementing that table as a rainbow table. All we're suggesting is that you implement that table in a much more straightforward manner:
work db secret db (laptop) (under lock and key) +-----------+--- +-----------+---------+ | public id | ... | public id | real id | +-----------+--- +-----------+---------+
The public id would simply be a unique random number. (Safer than a hash, and avoids the problem of collisions.)
Now, this assumes the database is created before being placed on the laptop, but that's consistent with everything you've told us so far. You can still use the above method if you collect the numbers in the field, but only if the field has access to the a remote service that provides the following function:
$public_id = get_new_public_for($real_id);