Question
Nicola Sartore · Dec 2, 2021

SNN Encryption

I need to store an equivalent of the SNN (Social Security number). I need it to be encrypted and I'll have to be able to search for it once stored.

For what I've seen my options are: 

- SHAHash from the %system.encryption library. Simple and easy to implement. My question is, might collisions be a problem? We are talking about a 10 millions entry.

- AES encryption. In this case I'd like to know if there is a standard way for key management in the InterSystems environment.

I can eventually get a certificate for this project to use other encryption function as well.

Open to suggestions.

Product version: IRIS 2021.1
00
2 0 2 158
Log in or sign up to continue

If you are to store the encrypted identifiers in the database, database block encryption is your answer, but if you need to transmit them securely, before encrypting or hashing something as small as a nine-digit number add some salt. That is add enough random digits or letters to make a brute force attack unfeasible. Since you presumably want to be able to later decode these identifiers, use encryption in your case.