http://qs321.pair.com?node_id=834134


in reply to Re^5: Creating a rainbow table for a ten-digit number: Advice?
in thread Creating a rainbow table for a ten-digit number: Advice?

This is a good solution, save that I am not in constant contact with the people collecting the data, nor their laptops. So, to do this I would require some means of pre-arranging the relationship between "public" and "real" ids.

Replies are listed 'Best First'.
Re^7: Creating a rainbow table for a ten-digit number: Advice?
by BrowserUk (Patriarch) on Apr 11, 2010 at 22:13 UTC

    I think you may be misuderstanding the Public Key advice.

    1. Back at base, you generate a public/private key pair. (Using say; Crypt::RSA.
    2. You give the public key to the laptop users.
    3. Within the script on the laptop, you use that public key to encrypt the numbers and you store the encrypted data in their DBs.

      You discard the numbers immediately.

    4. When they return to base, you can use the private key to decrypt those databases.

    Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
    "Science is about questioning the status quo. Questioning authority".
    In the absence of evidence, opinion is indistinguishable from prejudice.

      I think you may be misuderstanding the Public Key advice.

      I wish I could claim credit for the PKE idea (illustrated below), but he understood what I meant correctly. The advice I gave was based on the fact that the OP only said that the laptops used the data. Since I wrote that post, he has changed the requirements such that the laptops now collect the data.

      work db secret db (laptop) (under lock and key) +------------+ +-------------+ | public key | | private key | +------------+ +-------------+ +-----------+--- | public id | ... +-----------+--- | public id | ... +-----------+--- | . | . | .

      The public id would be the real id encrypted using the public key.

      The Public Key idea is excellent, and is part of the solution. Unfortunately, I cannot use a public key as part of the data entry toolset - because I am restrained by using MS Access for data entry. If I was able to do the data entry system in Perl, your suggestion (and the module that would likely get most of the heavy lifting done) would be a godsend.

      I fear I have asked a question without a complete enough spec, and so have become mired in clarifications, rather than looking at solutions. I should learn my lesson, but apparently, I have not yet done so.

        I'm pretty sure that there would be some way of handing off the input number from Access to a perl script for encryption. Of course, you may not be interested in doing that.

        But if you were, one possibility would be to have a perl script running in the background acting as a DDE server and then use a VBA macro to pass the number and retrieve the encrypted version. It's old technology, but simple to set up. Far easier than COM.