Re: encryption with python

On Wed, 07 Sep 2005 14:31:03 -0700, jlocc wrote:

> Basically I will like to combine a social security number (9 digits)
> and a birth date (8 digits, could be padded to be 9) and obtain a new
> 'student number'. It would be better if the original numbers can't be
> traced back, they will be kept in a database anyways. Hope this is a
> bit more specific, thanks!!!


There are "one-way" encryption functions where the result can't easily be
traced back to the input, but why do you need the input anyway? Here is my
quick-and-dirty student ID algorithm:

last_number_used = 123 # or some other appropriate value

def make_studentID():
global last_number_used
last_number_used = last_number_used + 1
return last_number_used

For a real application, I'd check the database to see if the number has
already been used before returning the number. Also, if you need more
than four digits in your IDs, I'd add a checksum to the end so you can
detect many typos and avoid much embarrassment.

Since the ID is entirely random (a factor of what order the students are
entered into the database) no attacker can regenerate their SSN from their
student ID. At worst, an attacker might be able to work out roughly what
day they were added to the database. Big deal. And if that is a problem,
you might do something like this:

last_number_used = 12345
usable_IDs = []

def make_studentID():
global last_number_used
global usable_IDs
if not usable_IDs:
# generate another batch of IDs in random order
usable_IDs = range(last_number_used, last_number_used + 1000)
usable_IDs.sort(random.random())
last_number_used += 1000
return usable_IDs.pop()

In a real application you would need to store the global variables in a
database, otherwise each time you reload the Python script you start
generating the same IDs over and over again.


--
Steven.

.

Relevant Pages

  • Re: encryption with python
    ... > and a birth date (8 digits, could be padded to be 9) and obtain a new ... they will be kept in a database anyways. ... Why don't you assign an arbitrary ID number to each student that is ...
    (comp.lang.python)
  • Re: encryption with python
    ... >> Basically I will like to combine a social security number (9 digits) ... >> 'student number'. ... but not have the actual SSN stored in the database. ...
    (comp.lang.python)
  • Re: How should I generate a primary key?
    ... the external reality and verify them. ... be verified for syntax or check digits inside itself. ... A surrogate key is system generated to replace the actual key behind ... with a quote from Dr. Codd: "..Database users ...
    (comp.databases)
  • Re: encryption with python
    ... > the student can change if they want. ... option was to use a default pass phrase of the last n digits of the SS#. ... the encryption protocol: Encrypt database with 3xDES using a secret key. ...
    (comp.lang.python)
  • Re: Policy Routing: Guaranteeing Bandwidth Question
    ... to our outsourced database ip address. ... No - because the saturation happens at the "choke point". ... matters at the point where some packets might get sent 1st, ... No student use of the link ...
    (comp.dcom.sys.cisco)