That is a good question and it is more a question for a cryptanalyst. Theoretically you are giving some info to the attacker, but how much info? Intuitively I would say you are giving almost no additional info. If I were to review code with this trick, I would consider it secure.
On Wednesday, 21 September 2016 08:56:59 UTC-5, Zoltan Vincze wrote:
> I would like to anonymize some DB tables on the fly to ensure that no one - not even me as administrator - can perform joins between tables signed with auth.user_id and tables signed with anonym_user_id, but the logged-in user himself. At the same time I would like to be able to perform joins within the tables signed with anonym_user_id like this:
>
> select a.*, b.*
> from table1 a, table2 b
> where a.anonym_user_id = b.anonym_user_id
>
> even if the user is not logged in. This means the system has to assign on login the same anonym.user_id to the user, otherwise I couldn't perform joins using it as a key.
>
> My idea is to extend the auth_user table with two fields (user_salt, user_prefix) generated on registration and filled with a UUID. On login the user would get assigned a hash like this:
>
> session.anonym_user_id = str(CRYPT(digest_alg='pbkdf2(1000,20,sha512)',key='my_secret_key',salt='user_salt')('user_prefix'+'user_password')[0])
>
> If I understand the hashing process correctly, then the following:
>
> >>> a = str(CRYPT(digest_alg='pbkdf2(1000,20,sha512)',salt=True)('user_password')[0])
> >>> CRYPT(digest_alg='pbkdf2(1000,20,sha512)',key='my_secret_key',salt='user_salt')('user_prefix'+'user_password')[0] == a
> False
>
> guarantees a proper anonymization. Or do I miss something?
>
> My question is: do I introduce any security back doors when I save the above anonym_user_id, user_salt, user_prefix and the original auth_user.password in the same DB but in different tables? Can someone crack the user passwords because of this?

--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups "web2py-users" group.
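The construction under discussion, as an added worked example (not code from the thread or from web2py): the pseudonymous id is derived at login from the stored per-user salt and prefix, the app's secret key and the password, with the same pbkdf2(1000,20,sha512) parameters the post uses. The example mixes the secret key in explicitly with HMAC rather than relying on how `CRYPT(key=...)` treats its key argument; that choice, the `register`/`recompute_from_db_only` helpers and the sample values are assumptions of this example. It lets you check the two things the question turns on: that someone holding only the database columns (salt, prefix, password hash) cannot recompute the id without the secret key, and that someone holding the key as well gets nothing more than a second password-checking oracle with the same PBKDF2 cost as the stored hash itself. It also shows the practical caveat that, because the id depends on the password, a password change rotates it and breaks existing joins unless the old id is carried over.

```python
import hashlib
import hmac
import secrets
import uuid

# Parameters from the post: pbkdf2(1000,20,sha512)
ITERATIONS = 1000
KEYLEN = 20
DIGEST = "sha512"


def hash_password(password: str, pw_salt: bytes) -> str:
    """What auth_user.password stores: PBKDF2-HMAC-SHA512 of the bare password
    with a random per-record salt and no secret key."""
    dk = hashlib.pbkdf2_hmac(DIGEST, password.encode(), pw_salt, ITERATIONS, KEYLEN)
    return dk.hex()


def anonym_user_id(secret_key: bytes, user_salt: bytes, user_prefix: str, password: str) -> str:
    """Pseudonymous id computed at login from the inputs the post lists.

    Assumption of this example: the secret key is folded into the salt with
    HMAC, so the derivation is keyed independently of CRYPT's own handling of key=.
    """
    keyed_salt = hmac.new(secret_key, user_salt, DIGEST).digest()
    dk = hashlib.pbkdf2_hmac(DIGEST, (user_prefix + password).encode(), keyed_salt, ITERATIONS, KEYLEN)
    return dk.hex()


def register(password: str) -> dict:
    """Constructed stand-in for the extended auth_user row (hypothetical helper)."""
    pw_salt = secrets.token_bytes(16)
    return {
        "password": hash_password(password, pw_salt),
        "pw_salt": pw_salt,
        "user_salt": uuid.uuid4().bytes,   # the two UUID columns from the post
        "user_prefix": uuid.uuid4().hex,
    }


def recompute_from_db_only(row: dict, candidate_password: str) -> str:
    """Attacker model 1: the whole database (both tables) but not the app's
    secret key. Everything they can feed to PBKDF2 is the stored salt, the
    stored prefix and a password guess; the result never matches the real id."""
    dk = hashlib.pbkdf2_hmac(DIGEST, (row["user_prefix"] + candidate_password).encode(),
                             row["user_salt"], ITERATIONS, KEYLEN)
    return dk.hex()


def keyed_attacker_can_verify(secret_key: bytes, row: dict, anonym_id: str,
                              candidate_password: str) -> bool:
    """Attacker model 2: database plus the secret key (full server compromise).
    The id then acts as a password-verification oracle, but one that costs
    exactly one PBKDF2 run per guess, the same as attacking auth_user.password
    directly, so no cheaper path to the password is opened."""
    return hmac.compare_digest(
        anonym_user_id(secret_key, row["user_salt"], row["user_prefix"], candidate_password),
        anonym_id,
    )


def stored_hash_oracle(row: dict, candidate_password: str) -> bool:
    """The oracle the attacker already has from auth_user.password alone."""
    return hmac.compare_digest(hash_password(candidate_password, row["pw_salt"]), row["password"])


if __name__ == "__main__":
    SECRET = b"my_secret_key"          # lives in app config, not in the DB
    row = register("correct horse")    # constructed sample user
    aid = anonym_user_id(SECRET, row["user_salt"], row["user_prefix"], "correct horse")
    print("anonym_user_id      :", aid)
    print("stored password hash:", row["password"])
    print("recomputable without key:", recompute_from_db_only(row, "correct horse") == aid)
    print("key holder verifies guess:", keyed_attacker_can_verify(SECRET, row, aid, "correct horse"))
    print("id after password change :",
          anonym_user_id(SECRET, row["user_salt"], row["user_prefix"], "new password"))
```

Two points worth checking in your own deployment: keep the secret key out of the database (otherwise attacker model 1 collapses into model 2), and decide up front how you will carry anonym_user_id across a password reset, since the derivation above changes it whenever the password does.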