encryption with python

[Steven D'Aprano]

On Wed, 07 Sep 2005 14:31:03 -0700, jlocc wrote:

> Basically I will like to combine a social security number (9 digits)
> and a birth date (8 digits, could be padded to be 9) and obtain a new
> 'student number'. It would be better if the original numbers can't be
> traced back, they will be kept in a database anyways. Hope this is a
> bit more specific, thanks!!!


There are "one-way" encryption functions where the result can't easily be
traced back to the input, but why do you need the input anyway? Here is my
quick-and-dirty student ID algorithm:

last_number_used = 123  # or some other appropriate value

def make_studentID():
    global last_number_used
    last_number_used = last_number_used + 1
    return last_number_used

For a real application, I'd check the database to see if the number has
already been used before returning the number. Also, if you need more
than four digits in your IDs, I'd add a checksum to the end so you can
detect many typos and avoid much embarrassment.

Since the ID is entirely random (a factor of what order the students are
entered into the database) no attacker can regenerate their SSN from their
student ID. At worst, an attacker might be able to work out roughly what
day they were added to the database. Big deal. And if that is a problem,
you might do something like this:

last_number_used = 12345
usable_IDs = []

def make_studentID():
    global last_number_used
    global usable_IDs
    if not usable_IDs:
        # generate another batch of IDs in random order
        usable_IDs = range(last_number_used, last_number_used + 1000)
        usable_IDs.sort(random.random())
        last_number_used += 1000
    return usable_IDs.pop()

In a real application you would need to store the global variables in a
database, otherwise each time you reload the Python script you start
generating the same IDs over and over again.


-- 
Steven.