PHPackages kba-team/data-protection - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Search & Filtering](/categories/search) 4. / 5. kba-team/data-protection ActiveLibrary[Search & Filtering](/categories/search) kba-team/data-protection ======================== Deterministic one-way encryption of unique sensitive data. 1.1.2(2y ago)06.0k1MITPHPPHP ^7.4|<8.4 Since May 24Pushed 2y ago2 watchersCompare [ Source](https://github.com/the-kbA-team/data-protection)[ Packagist](https://packagist.org/packages/kba-team/data-protection)[ RSS](/packages/kba-team-data-protection/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (6)Dependencies (1)Versions (8)Used By (0) Deterministic one-way encryption of unique sensitive data ========================================================= [](#deterministic-one-way-encryption-of-unique-sensitive-data) [![License: MIT](https://camo.githubusercontent.com/7013272bd27ece47364536a221edb554cd69683b68a46fc0ee96881174c4214c/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d626c75652e737667)](LICENSE)[![Build Status](https://camo.githubusercontent.com/c9865b2b85f67974140eeedb9d4b0c2c4d7d6dfd901906aaf999751a947845f1/68747470733a2f2f7472617669732d63692e6f72672f7468652d6b62412d7465616d2f646174612d70726f74656374696f6e2e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/the-kbA-team/data-protection)[![Maintainability](https://camo.githubusercontent.com/2a52a966534b8d954355167a115666e6292e051b7e225ae4d084f9f944feb712/68747470733a2f2f6170692e636f6465636c696d6174652e636f6d2f76312f6261646765732f38356235323162663465653963386232326330312f6d61696e7461696e6162696c697479)](https://codeclimate.com/github/the-kbA-team/data-protection/maintainability)[![Test Coverage](https://camo.githubusercontent.com/b1eef2796682544cc458d3fe321a2653d495509d249dda969eb7b3af18f8287b/68747470733a2f2f6170692e636f6465636c696d6174652e636f6d2f76312f6261646765732f38356235323162663465653963386232326330312f746573745f636f766572616765)](https://codeclimate.com/github/the-kbA-team/data-protection/test_coverage) The goal of this class is to encrypt unique sensitive information, like social security numbers, without the possibility to decrypt it afterwards but still be able to search for it using `equals` and `not equals` operators. Scenario -------- [](#scenario) A persons data in the database contains a social security number. This kind of data is sensitive because, in case of a security breach, a criminal can use it to assume the identities of the people stored in the breached database. Therefore this kind of information needs to be protected. In this scenario the social security number is never actually displayed or processed. It is used to identify a unique person even if other stored data of that person changes over time, like a change of name in case of a marriage. It is assumed that the social security number won't appear twice in the database. In order to uniquely identify a person, it still has to be possible to search for the social security number, even though this information has been encrypted. The typical search patterns are either `equals`, in case a person needs to be uniquely identified, or `not equals` to avoid duplicate entries for the same person in the database. Simply creating a hash value of that information, or a hash value with a static salt, won't work, because an attacker can create a rainbow table of all possible iterations and match their hashed values against the ones stored in the database. Creating a salted hash value, like the ones used for passwords, won't work because it has to be possible to search a database of thousands of entries. In order to perform an `equals` search, the information has to be hashed using all prior used salt values. An `not equals` search in that manner won't reliably determine whether a person is *not* in the database. Solution -------- [](#solution) The solution to safely store sensitive information is to encrypt it in a deterministic way, without the possibility to decrypt the information afterwards. A safe encryption consists of a secret key and an initialization vector which guarantees the encrypted value is unique. Based on the information found in [question 59580 on Stack Exchange](https://security.stackexchange.com/questions/59580/how-to-safely-store-sensitive-data-like-a-social-security-number#61004 "'How to safely store sensitive data like a social security number?', Retrieved 2018-05-24 09:00") ciphers in CBC mode with an initialization vector derived from the plain text match the requirement of a deterministically encrypted information. In order to generate the same encrypted value each time, the key and the cipher algorithm used, need to stay the same for the given database, but the key needs to be different for different databases. This will make it harder for an attacker to create a rainbow table. Downfall -------- [](#downfall) In case the secret encryption key is breached, the encrypted data is still safe as long as computing power doesn't allow for a rainbow table based on all possible social security numbers encrypted with the secret key to be created within a reasonable amount of time. Usage ----- [](#usage) Include this package using composer. ``` composer require kba-team/data-protection: "^1.0" ``` Securely generate a secret key. ```