[rt-users] Re: encrypting fields and email

seph seph at directionless.org
Fri Oct 1 12:38:01 EDT 2004


I'm sorry, y'all seem somewhat confused about how cryptography works
and it's making this discussion nonsensical. Backing up several steps...

There are 2 basic forms of encryption. Both start knowing the
plaintext. 

  Symmetric encryption uses the same key for encryption and
  decryption. This means that they key is secret, and only people
  knowing the secret can encrypt or decrypt.

  Public/Private encryption uses separate keys for the encryption and
  decryption. The public key is known to all, and is only used to
  encrypt things, the private key is secret and only used to decrypt
  things. The public key is never needed for decryption, the private
  key is never needed for encryption.

If you were only concerned about protecting the ticket content in
transport, and didn't mind having the server able to read it, you
would use public/private. The server would use the public keys for
each recipient and encrypt the outgoing data. The clients would then
use their private keys to decrypt.

Unfortunately, that would mean storing the data in plaintext on the
server. The simple approach to solving that problem is to have the
client encrypt the data before it reaches the server. However, that
has several downsides. The client has to know who it's encrypting the
data for, and the server won't be able to index or search data. 

One possible approach would be to only encrypt fields that didn't need
to be indexed, credit card data, for example. The client would handle
all the encryption and decryption. Has the aforementioned downside that
the client would have to know who to encrypt it to. You couldn't just
add a watcher, without also giving them a copy of the key.

So now that we have a basic over view of the possibilities, what
problem are you trying to solve? My experience in industry is that the
most common sort of encryption is to have the data encrypted in the
database, to a symmetric key in the application layer. Hardly perfect,
but when the app layer needs to work with the data, there's not much
else to do. 

seph



More information about the rt-users mailing list