Closed afrizaloky closed 1 year ago
HASH("John") == Hash("John")
. So an attacker will know all rows in the database with similar names. If he has own created row (by the legal UI or user flow as standard user) with name "John", he can find own row with hash of this first name, and then find all "John"s in the database. When we use separate keys for every client then an attacker can find only similar values in the set of rows of one client, not all in the database, and all other client data are not compromised. HMACing values add one more dimension of values. With set of 10k unique first names hashing produces 1D dimension of 10k values. Using HMAC and unique keys per client it produces 2D dimension with X keys * 10k valuesThanks you for you answer
I have some question here
I want ask about searchable encryption, why you choose to use HMAC instead of pure hash? AFAIK, HMAC add authentication purpose, but i don't know the purpose why you need the authentication.
Based on your documentation, There are 3 state data in masking encryption.
I want ask about
ResponseOnFail
. When someone tamper the encrypted data in database, the data couldn't be decrypted. It will send error to client (depend onResponseOnFail
). But, what will happen if encryption fail? I know the possibility is very slim but it still possible. Since i can't reproduce the case, so i ask here.