IT:AD:Design:Investigations:Search through Encrypted Data
Summary
Succinctly:
Encryption and searching are conflicting objectives.
Offline Mobile Data is a security nightmare. If the data is sent unobfuscated or unencrypted, even if obfuscated before displaying, the communication channel can be observed.
In addition, the application can be taken offline, and investigated.
But if the transmitted records are encrypted before persistence, the data becomes unsearchable.
This is probably not a bad thing.
- Searchability leaks information about the document context and content.
- Even if searchable, the user cannot view the contents, so beyond the first page request, what's the point of showing it again?
Conclusion:
- At this point, I'm willing to accept that:
- Mobile applications do not need the ability to search data received encrypted and stored in their local datastores.
- Records could be locally decorated with XAct.IHasEncryptionApplied and call it a day.
SqlServer, Enterprise Edition Encryption
SqlServer can store encrypted information, and search on it. It's not at all what we are talking about here, but worth knowing.
Another concept is searching on encrypted data.
See: http://blogs.msdn.com/b/lcris/archive/2005/12/22/506931.aspx
Investigations
That said, in case the concept still entertains… here are some further thoughts on the subject:
Encoding using the Server's Public Key
Consider encoding the data before transmitting it, using the public key of the server (not the client). The client also has access to this key, so it can encode search terms with the same public key and match the exact same value.
- This only works for complete, case-sensitive matches (%s% searches for Smith won't work).
Encoding a Document's Index of words at the Same Time
Consider scanning the document for words, encoding each one, and saving that encrypted list, and transmitting that with the record.
- The word list is now searchable, more or less: %s% still does not work, but smith could now work (as long as search terms are lowercased before encrypting).
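
The word-index idea above as an added Python example (not code from the original page): each lowercased word becomes a deterministic token, so whole-word, case-insensitive lookups succeed, substring searches fail, and records that share a word visibly share a token. Assumptions: HMAC-SHA256 under a constructed secret key stands in for encryption with the server's public key, since matching requires a deterministic transform; the function names and sample records are hypothetical.

```python
import hashlib
import hmac
import re
from typing import Set

# Constructed demo key. Assumption: a secret index key stands in for the
# page's server public key so that equal words always give equal tokens.
INDEX_KEY = b"constructed-demo-index-key"


def token(word: str, key: bytes = INDEX_KEY) -> str:
    """Deterministic keyed token for one word, lowercased before encoding."""
    return hmac.new(key, word.lower().encode("utf-8"), hashlib.sha256).hexdigest()


def build_index(text: str, key: bytes = INDEX_KEY) -> Set[str]:
    """Scan the document for words and return the token set that would be
    stored and transmitted alongside the encrypted record."""
    return {token(w, key) for w in re.findall(r"[^\W_]+", text)}


def matches(term: str, index: Set[str], key: bytes = INDEX_KEY) -> bool:
    """Whole-word search: encode the term the same way, then compare."""
    wanted = token(term, key)
    return any(hmac.compare_digest(wanted, t) for t in index)


def shared_tokens(a: Set[str], b: Set[str]) -> int:
    """What an observer without the key still learns: how many distinct
    words two records have in common (the leak noted in the summary)."""
    return len(a & b)


# Constructed sample records.
REC_1 = build_index("Patient John Smith admitted Tuesday")
REC_2 = build_index("Invoice for Jane SMITH overdue")

if __name__ == "__main__":
    print("smith in record 1:", matches("smith", REC_1))   # whole word
    print("Smith in record 2:", matches("Smith", REC_2))   # case folded
    print("smi   in record 1:", matches("smi", REC_1))     # %s% style fails
    print("tokens shared by both records:", shared_tokens(REC_1, REC_2))
```
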