Cryptography Reference
In-Depth Information
This solution, though, is still often much cheaper and simpler
than building sophisticated access mechanisms and finding a secure
operating system to host the database.
20.3 Using Strong One-Way Functions
Using steganography with a centralized database produces databases
with two levels of access that can be controlled by the users alone.
The solutions make it simple to add new functions to legacy
applications without disturbing them. If $f(x, C)$ is some function
that hides the secret bits of $x$ in the cover $C$ in a way that can't
be detected, then a client stores $f(x, C)$ in the database instead of
$C$. Only the people who know about $f$ and have the right keys to
reverse $f$ can extract $x$. Everyone else sees plain old values of $C$.
Here are a few quick examples of how this can be useful:
A database that tracks ships can blur the actual position of a
ship by adding a vector, $(h_1(x_i), h_2(y_i))$, to each ship's
position, $(x_i, y_i)$. If the values of $h_1$ and $h_2$ can only be
computed by some users, then only those users can find the position
of the ship with the highest level of precision. One possible solution
is to use $h_1(x) = \mathrm{SHA256}(name, password, x)$, where $name$
is the name of the ship and $password$ is some secret password.
A technique like this might be useful if a shipping company
wants to dispense positions with rough accuracy to the general
public so they can track the movement of their goods, but keep
the greatest accuracy for internal use.

The HMAC is a mechanism for hashing a longer document with a key.
It is the best technique for mixing a key into a generic hash
function. [Pro, NN06, BCK96b, BCK96a]

An image royalty company might want to piggyback on the
wide-open, public databases like flickr.com by embedding
sales information inside an image. They might add prices and
copyright information inside the image so anyone browsing the
site could get immediate royalty information.
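
The ship-tracking example above, as an added Python example that is not code from the book: it uses HMAC-SHA256, the keyed construction the note on HMAC recommends, in place of the plain SHA256(name, password, x) call. Assumptions of this example: coordinates are integer microdegrees, the 0.1-degree `GRID` and the public timestamp field are constructed, and the offset is derived from the coarse grid cell rather than from the exact coordinate so that a key holder can recompute it from the stored value.

```python
import hashlib
import hmac

GRID = 100_000  # constructed cell size: 0.1 degree, in integer microdegrees


def _offset(key: bytes, ship: str, axis: str, cell: int, stamp: str) -> int:
    """Keyed offset in [0, GRID), computed only from publicly visible fields."""
    # Assumes ship names and timestamps never contain the "|" separator.
    msg = "|".join((ship, axis, str(cell), stamp)).encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:8], "big") % GRID


def _shift(key, ship, stamp, lat, lon, sign):
    out = []
    for axis, value in (("lat", lat), ("lon", lon)):
        # divmod floors, so negative coordinates split correctly too.
        cell, fine = divmod(value, GRID)
        fine = (fine + sign * _offset(key, ship, axis, cell, stamp)) % GRID
        out.append(cell * GRID + fine)  # the coarse cell is left untouched
    return tuple(out)


def blur(key, ship, stamp, lat, lon):
    """Value to store in the public database."""
    return _shift(key, ship, stamp, lat, lon, +1)


def unblur(key, ship, stamp, lat, lon):
    """Exact position, recoverable only with the key."""
    return _shift(key, ship, stamp, lat, lon, -1)


if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample key
    true_pos = (40_712_776, -74_005_974)  # constructed sample position
    public = blur(key, "MV Example", "2024-01-01T00:00Z", *true_pos)
    exact = unblur(key, "MV Example", "2024-01-01T00:00Z", *public)
    print("stored:", public, "recovered:", exact)
```

A reader without the key still learns which 0.1-degree cell the ship is in, which is the rough accuracy the passage intends for the public; only the position inside the cell is masked.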
20.3.1 One-Way Functions and Steganography
The paradigm of encrypting columns in a database can be converted
into a tool for hiding information in plain sight. Instead of storing the
table in some distant database, why not distribute the entire thing
and let the user find the right rows?
Imagine a table with $n$ rows, much like the one in
Section 20.2.1, where $n - 1$ rows are made up of random information
and one row contains the true signal. A legitimate user can find