On Saturday 10 September 2005 15:02, Ron Adam wrote: > Kirk Job Sluder wrote: > I would think that any n digit random number not already in the data > base would work for an id along with a randomly generated password that > the student can change if they want. The service provider has full > access to the data with their own set of id's and passwords, so in the > case of a lost id, they can just look it up using the customers name > and/or ssn, or whatever they decide is appropriate. In the case of a > lost password, they can reset it and get another randomly generated > password. > > Or am I missing something?
Yes and no. Yes, you are theoretically correct. No, I don't think you have the OP's original needs in mind (though I am mostly guessing here). The OP was obviously a TA who needed to assign students a number so that they could "anonymously" check their publicly posted grades and also so that he could do some internal record keeping. But, I'm thinking no one remembers college here anymore. When I was in college (and when I TA'd) security was kind of flimsy. TAs kept all records of SS#s, etc. (etc. includes birthdays here) in a gradebook (or the rich ones kept them on a 5 1/4" floppy). Grades were reported publicly by full SS#s, usually on a centralized cork-board. That was back in the good-ole-days, before financial fraud was euphemised to "identity theft". When I TA'd several years later, grades were reported by the last n digits of the SS#. Some very security conscious TAs--or was it just me? I think it was just me--solicited pass phrases from each student and grades were reported based on the student generated pass phrase--and not on SS# or the like. These phrases usually came in the form of "Buffs1" or "Kitty1979" (the latter possibly revealing some information about a birthday, perhaps?). Some students didn't submit pass phrases, for whatever reason. I think I did the less convenient of the two most reasonable options, which was to withold reporting the grade to the student until they gave me a phrase. The other option was to use a default pass phrase of the last n digits of the SS#. The idea of combining ID information and encrypting it to create another ID is a quantum leap beyond the primitive "last n digits of the SS#". Does it beat, in theoretical terms, assigning random numbers? No. And it certainly doesn't beat, in theoretical terms, my improved one-time-pad protocol (see my previous email). I challenge even the most capable cryptographer to beat my improved one-time-pad protocol for security (Oh wait, here it is: 1. Destroy Data.) But it is convenient, especially if you discard the original identifying information and store just the hashes. And as far as collisions go, even if a class of 10,000 gives a 1% chance of collision, who is going to TA a class of 10,000 students. If you can promise that kind of enrolment for any department, much less any single class, there is a job in an Economics department waiting for you out there, my friend. So what would be the alternative to ID information generated IDs? Have a 3xDES encrypted database with the SS# and birthday stored as plain-text? Better keep the encryption protocol secret! Oops. Screwed up already. I figured out the encryption protocol: Encrypt database with 3xDES using a secret key. Dang, security through obscurity. All they have to do is to get that secret key and all those records are easily readable. The point is that *something has to be kept secret* for encryption security to work. Theoretically best would be a passphrase, or a passphrase to a really big key. So, perhaps we could modify the algorithm from a few messages back, in order to address the (assumed) *practical* considerations of the OP's original query: import sha def encrypt(x,y, password): def _dosha(v): return sha.new(str(v)+str(password)).hexdigest() return int(_dosha(_dosha(x)+_dosha(y))[5:13],16) So now what is the criticism? That its still a "secret algorithm" because the password is "secret"? James -- James Stroud UCLA-DOE Institute for Genomics and Proteomics Box 951570 Los Angeles, CA 90095 http://www.jamesstroud.com/ -- http://mail.python.org/mailman/listinfo/python-list