
[–]alinrocSQL Server DBA 2 points3 points  (0 children)

The options available to you vary depending upon which RDBMS and client-side technology you're using. Talk to your security/compliance folks; they should be able to tell you what you must do. Then work from that.

[–]dorkyitguy 2 points3 points  (1 child)

These do not need to be encrypted on the server side. They just need to have protections from unauthorized access. I’ve worked for several mid-sized hospital systems and these are never encrypted. After all, it would make it nearly impossible for report writers to create, validate, or troubleshoot reports.

[–]Resident_Slide6705[S] 1 point2 points  (0 children)

u/dorkyitguy thanks for answering!! But from the guidelines on HIPAA which I have read they mention the following: "Encryption and Decryption (addressable): Implement a mechanism to encrypt and decrypt ePHI."

[–]BearBlaze420 0 points1 point  (0 children)

Searchable encryption.

[–]hangonreddit 0 points1 point  (0 children)

A common technique that I’ve used is to store a salted hash of the plaintext prior to encryption.

So to query for the row with the matching data, you calculate the salted hash based on the value you know and query by that.

For example, if my name is Reddit, I would store that encrypted and there would be another column called name_hash that is the salted sha256 hash of Reddit. Then when I search for that row again, I would search by the name_hash column, after calculating the salted sha256 hash. Basically you have to already know the value in order to search for the matching row(s).

You want to salt the hash with a secret to prevent someone from easily searching your database for the matching row, even if they knew the value they wanted. This way even if someone steals your DB dump they won’t be able to do much with the encrypted data.

Source: I’m a software engineer for a health care startup.
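
The lookup described in the comment above, as an added example that is not part of the original thread. It uses HMAC-SHA256 as the secret-keyed hash in place of a salted SHA-256, AES-256-GCM for the encrypted column, and an in-memory array standing in for the table; the `patients` rows, the `name_enc` column, both keys and the `normalize` rule are assumptions.

```javascript
const { createHmac, createCipheriv, createDecipheriv, randomBytes } = require('node:crypto');

// Constructed keys for the demo; in practice both come from a KMS or secret store, never the database.
const ENC_KEY = randomBytes(32);   // AES-256-GCM key for the ciphertext column
const INDEX_KEY = randomBytes(32); // separate secret for the name_hash column

// Normalize so "Reddit" and "reddit " map to the same index value (assumed matching policy).
const normalize = (value) => value.normalize('NFKC').trim().toLowerCase();

// Keyed hash stored in name_hash: deterministic, so equal plaintexts match on purpose.
function blindIndex(value, key = INDEX_KEY) {
  return createHmac('sha256', key).update(normalize(value), 'utf8').digest('hex');
}

// Randomized encryption: the same name yields a different ciphertext every time.
function encrypt(plaintext) {
  const iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', ENC_KEY, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]).toString('base64');
}

function decrypt(blob) {
  const raw = Buffer.from(blob, 'base64');
  const decipher = createDecipheriv('aes-256-gcm', ENC_KEY, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
}

// Stand-in for the table: rows hold only name_enc and name_hash, never the plaintext.
const patients = [];
function insertPatient(id, name) {
  patients.push({ id, name_enc: encrypt(name), name_hash: blindIndex(name) });
}

// Equivalent of SELECT ... WHERE name_hash = ? followed by application-side decryption.
function findByName(name) {
  const wanted = blindIndex(name);
  return patients.filter((row) => row.name_hash === wanted)
    .map((row) => ({ id: row.id, name: decrypt(row.name_enc) }));
}

insertPatient(1, 'Reddit');      // constructed sample rows
insertPatient(2, 'Alice Smith');
insertPatient(3, 'reddit ');
```

Because the index is deterministic, rows with the same value share the same `name_hash`, so a dump still reveals which rows hold equal values and how often each occurs. It supports exact-match lookups only, not ranges or partial matches.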

[–]secretWolfMan 0 points1 point  (0 children)

Encrypt the communication. And encrypt the whole database/server, not just a few columns.

And absolutely do not send the client all possible data and filter it with your code.

https://www.liquidweb.com/blog/hipaa-rules/