It depends on your needs. ENCRYPT, MD5, SHA1 are all hash functions, which means they are one-way and the SSN can't be recovered. This means that you can't read their SSN back once they give it to you, you can only compare something they give you and see if it is the same as the SSN. This is how passwords should be stored. The difference between the three hashes is in their strength, and whether or not they are salted. Preferably, you would use SHA1 w/ a salt, because it provides the strongest protection. (The salt seeds the hash algorithm, so that the same value won't hash to the same value. So, ideally this salt should be based on some other value of the user.) DES is an encryption algorithm, which means that the SSN can be recovered by you (ie: encryption key will also allow decryption), but it also means that if someone else gets your encryption key, they will be able to decrypt it easily, or if you lose your key, you won't be able to recover the SSNs. If you need to encrypt your data, it would probably be better to go with AES or one of the stronger DES variants (3-DES), since normal DES can be broken relatively fast.
joe On Fri, 2002-08-09 at 07:56, John Fulton wrote: > > I need to store SSN's in a MySQL DB. I see a variety of encyption functions: > ENCRYPT(), MD5(), SHA1(), DES_ENCRYPT() and have read the basiscs of how they > work. Is there are "standard way" of storing SSN's in MySQL. > > thanks, > John > > > > --------------------------------------------------------------------- > Before posting, please check: > http://www.mysql.com/manual.php (the manual) > http://lists.mysql.com/ (the list archive) > > To request this thread, e-mail <[EMAIL PROTECTED]> > To unsubscribe, e-mail <[EMAIL PROTECTED]> > Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php > > --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
