Last post Nov 03, 2016 03:36 AM by Sid S
Oct 24, 2016 11:45 AM|EllenHeijmans|LINK
I use TripleDes and Cryptography in C# to encrypt my text and then save it in a database. Now I want to be able to search for a single word in that encrypted text in the database. I thought that if I encrypt the word I want to search on, that I can use that
encrypted word to search in my database (SQL Server with FREETEXT). But the encrypted string of the word doesn't apear at all in the entire encrypted text.
How can I achieve what I want namely, a user types in a word he want to look for and my database will return the found record. Encryption must remain in .NET though. I don't know how to create the identical encryption on the database.
Oct 24, 2016 02:27 PM|senthilwaits|LINK
It's not going to be easy. The requirement you have is rarely implemented. When you encrypt a text which has multiple words, the encrypted text is not going to be same when you encrypt every single word in the text and concatenate it. If you encrypt the
words individually and concatenate and save it in the database, then doing a search is possible but that defeats the purpose of encryption and security.
I used a online tool to encrypt the sample text and then the words individually
The text I used is "Encrypted Text"
Encrypted - EnCt2b2f49be0d85dc75d8d889cfb47b9567926a21365b2f49be0d85dc75d8d889cfbTOxgXwK/DgP
Text - EnCt24219f3d5016e5f97a300a822ce7680f1cd46941a4219f3d5016e5f97a300a822VM103m/UfAP
Encrypted Text - EnCt26fd8d42c089621c91586a80479387d6ee56b40c96fd8d42c089621c91586a804c4UVM509fwK
There are some interesting links which talk about similar requirements
Nov 03, 2016 03:36 AM|Sid S|LINK
Fortunately (but unfortunate for your specific use case), that's not the way cryptography is designed to work. To maximize privacy during encryption, a string of words are typically encrypted as a whole. In fact, there are special measures (e.g. crypto-random
initialization vectors) in place to ensure that even if you encrypt the same string, twice - you should get very different results. Of course, decrypting each result will always result in the original string.
input = "Ellen wants to search cipher text"// note encrypt results in a raw byte array, represented below as a base64 stringencrypted the 1st time = "zbMAAAIEGMYcKd8iOW5YaMzMHQIgSHTCm5pNiqaHR6Ofg8Zc3QAAou5V6wVkahQ0h5sC3xXKVPqEyOqNm768WSD0vMaAjlvsN4y0+0JIP866mqOZMNGiXA==" encrypted the 2nd time = "zbMAAAIEGO7YPPXb36KwPKYZZgIghYVvvXo40JYWbk++ZLnd1QAARfQ/490WYgRaklpqyiACwswVPIzVY+FwgFhV27YDay1rqJ3XFosu4kfdGQ6n8/Avfw=="
For what you want to do, you need to break the string into individual words and then encrypt each word in a deterministic manner. However that will open your encrypted data to frequency analysis attacks since there is now a 1:1 correlation between a plaintext
word and it's cipher text counterpart. Also, it's not clear why you're using 3DES when AES exists. It's a lot more efficient and more future ready but the caveats previously mention remain.
Since you seem to be new to the cryptographic field, I would HIGHLY recommend reading the following two articles
In the interest of full disclosure, I do work there but those articles are educational and very relevant to your question.