Order preserving encryption
mochetts opened this issue · 3 comments
This is more a question rather than an issue. But couldn't find any better place to ask this. Sorry if this is not the proper channel.
So the question is, is the library encrypting values preserving the order?
So if a < b
then e(a) < e(b)
(being e
the encryption function).
Thanks and sorry again!
Encryption by design does not maintain ordering of encrypted values. The only way to do it would be to store one or more of the characters in the clear in a separate column for ordering purposes. Of course it requires that those characters can be exposed and do not have any meaning to anyone that was able to see the unencrypted column.
Well, there are encryption algorithms that do preserve ordering. In fact, there's a gem out there that implements one of these: https://github.com/louismullie/ope-rb.
I was testing that gem, but it fails when encrypting large numbers. Mainly reason why I wanted to give it a try to the gem on this repo. But I'll have to keep on looking. Thanks for your clarification!
This gem uses OpenSSL to do the actual encryption and is therefore limited to whatever algorithms are implemented by OpenSSL.