Reputation: 1943
What is a simple but somewhat effective way to "obfuscate" numeric values?
Let's say I have an Access database table that has 2 columns: one is ID (from 1 to 20000, sequentially and each is unique) and one is Value (any number from 0 to 500).
How do I obfuscate the Value field (using ID or not using ID) in a simple but somewhat effective way? I expect something slightly more effective than ROT13 obfuscation but not so complicated that decoing needs more than one line of code. The decoding is done in C# code. The obfuscation is done via calculated field in Access.
I changed the "encryption" to "obfuscation" to reflect the simplicity of the goal which is NOT to prevent "attack" but only to avoid careless exposure of data.
Upvotes: 2
Views: 1987
Answers (2)
Reputation: 7452
what is your goal/attacker profile? If your requirement is anything more than stopping casual viewing you have imposible requirements... if you only care about stopping casual viewing (which is better termed obfuscation than encryption) you could try something like
b = a % 7 == 0 ? ((a/7)*991) : a % 2 == 0 ? ((a/2)*787) : a * 317
and on the other end
b = a % 991 == 0 ? ((a/991)*7) : a % 787 == 0 ? ((a/787)*2) : a/317
Note that this is very weak but your requirements exclude any useful form of encryption.
Upvotes: 6
Reputation: 35363
For a number from 0 to 500, encryption is essentially useless.
First, the length is too short to effectively encrypt using normal means such as XOR. Once you know the value of one value, you can likely re-create the key to decrypt others. Encryption works best when you're working with a large original piece of data.
Second, if the data is available to a user in Access, the encryption algorithm will be too, at least to a determined person. If they can see the calculation used to encrypt the value, they can probably create their own decryption algorithm.
Third, with only 501 possible values, the value is highly prone to a dictionary attack -- i.e., someone just guessing each value, and they'll on average only have to guess 250 times. That's fewer than even a simple 3-digit lock on a briefcase. So, encrypting probably won't do you much good.
Upvotes: 7
Related Questions
- Simple insecure two-way data "obfuscation"?
- Integer ID obfuscation techniques
- C# Trying to Obfuscate a Number via Parsing
- How to obfuscate an integer?
- Obfuscating an integer column
- Create a secure hash that hides an int value in C#
- Encrypting a string of numerics into a string of alphanumerics
- Is there an encryption method for a column with a data type of int?
- C# method for encoding numbers such as 12 to obfuscated strings such as JH21EW3C or whatever
- Encrypting and Decrypting Numbers with .NET