IBM to Provide Security w/o Sacrificing Privacy Using Hash Functions

Alex Mauer hawke at hawkesnest.net
Thu May 26 20:33:51 CEST 2005 

Mark H. Wood wrote:
> The whole point of using a hash is to make it extremely unlikely that
> either party could recover the plaintext unilaterally.  It's like having a
> vault with two different locks, and giving the keys to two different
> people, to make abuse more difficult by requiring collusion for a
> successful penetration.

Sure, I understand the purpose.  But Florian seemed to be saying that it
would be simple to retrieve the plaintext, "because the search space is
so small".

Ryan M. covered that a bit, but mostly from the perspective of guarding
against identity theft.  It would only protect somewhat against that
(making it harder is at least a good start, I'd say)...but unless I'm
missing something big it would protect against any party retrieving the
entire plaintext passenger list (or whatever it may be) or the entire
plaintext watch list.

> It's worse than that.  I don't know of anybody who spells his name
> "Aleks",

I don't either personally, but Google says it's pretty common.

> but both "Yuri" and "Yuriy" are in use, not to mention (usually
> from another part of the world) "Uri".  Likewise both "Mark" and "Marc"
> are common.  It doesn't have to be an error to be a false mismatch.

No, but with that level of false negatives you might as well not even
bother with the system in the first place.

> If I understand what e.g. Soundex does, it should be possible to compare
> hashes of Soundex-coded strings in order to reduce the incidence of false
> mismatches.

And with that level of false positives ...

http://www.highprogrammer.com/alan/numbers/soundex.html explains how
soundex works, and from that it should be obvious that soundex would be
a *horrible* choice for this application.  Which is not of course to say
that it's an unlikely choice. :-D

-Alex Mauer "Hawke"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 264 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20050526/d7211cdd/signature.pgp

More information about the Gnupg-users mailing list