On Jun 26, 2012, at 11:35 AM, V G wrote:

> I'm considering using client-side AES256 encryption on all first/last names. The rest of the data is useless if the names are unknown.

That wouldn't be secure at all. Well, I guess the database might be secure, but communications with it wouldn't be. See who goes into the office, see which encrypted stuff comes out. See "Known plaintext attack." And you have key management issues.

See also "deterministic encryption" - basically, you set up encryption so that the same plaintext ALWAYS yields the same cyphertext, and the database can do all the lookups it needs to do without ever having access to the plaintext. Key management is still an issue :-(

(I took Stanford's online encryption class, and now I can see more things that are bad ideas. Prof's first rule: you don't invent encryption systems yourself. Not algorithms, not key management, not the little details. LOTS of examples of people taking reasonably secure algorithms and coming up with overall systems that ended up having "obvious" attacks. 802.11 WEP, for instance.) The medical database problems ought to be a known problem with a known solution. Find it or buy it. It's probably expensive :-( )

BillW

--
http://www.piclist.com PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
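
The deterministic lookup property described in the message above, as an added example that is not part of the original post. It uses an HMAC-SHA256 keyed token from the Python standard library as a stand-in for deterministic encryption (a token cannot be decrypted back to the name), and the key, table layout and sample rows are constructed for illustration.

```python
import hashlib
import hmac
import sqlite3
from collections import Counter

# Constructed demo key. In a real system it stays on the client, and
# protecting and rotating it is the unsolved "key management" part.
CLIENT_KEY = bytes(range(32))

# Constructed sample rows: (patient name as typed, record note).
SAMPLE_ROWS = [
    ("Alice Example", "visit 1"),
    ("Bob Sample", "visit 2"),
    ("alice  example", "visit 3"),
    ("Alice Example", "visit 4"),
]

def name_token(key: bytes, name: str) -> str:
    """Same key and same (normalized) name always give the same token."""
    normalized = " ".join(name.split()).casefold().encode("utf-8")
    return hmac.new(key, normalized, hashlib.sha256).hexdigest()

def build_db(key: bytes, rows) -> sqlite3.Connection:
    """The database only ever receives tokens, never plaintext names."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE visits (name_token TEXT, note TEXT)")
    db.executemany(
        "INSERT INTO visits VALUES (?, ?)",
        [(name_token(key, name), note) for name, note in rows],
    )
    return db

def lookup(db: sqlite3.Connection, key: bytes, name: str) -> list:
    """Equality lookup: the client tokenizes, the server matches tokens."""
    cur = db.execute(
        "SELECT note FROM visits WHERE name_token = ? ORDER BY rowid",
        (name_token(key, name),),
    )
    return [row[0] for row in cur]

def server_side_view(db: sqlite3.Connection) -> list:
    """What is visible without the key: how often each token repeats."""
    cur = db.execute("SELECT name_token FROM visits")
    return sorted(Counter(row[0] for row in cur).values(), reverse=True)

if __name__ == "__main__":
    db = build_db(CLIENT_KEY, SAMPLE_ROWS)
    print(lookup(db, CLIENT_KEY, "Alice Example"))
    print(server_side_view(db))
```

The repeat counts from `server_side_view` need no key, so equality between records stays visible to anyone who can read the table or the traffic, even though the names themselves do not.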