I'm looking to encrypt some fields in my database, but I need to filter those values. ChatGPT suggested storing a hash of the values in a separate field for searching, but I'm wondering if I can still call the field encrypted if I do that?
To give you a bit more context, I want to encrypt sensitive user information like email addresses. I need to ensure that multiple accounts with the same email don't exist, so I plan to keep one field for the encrypted email, which I can decrypt when needed, and another field for the hash to check for duplicates.
I also have other data points, like the political party of the user, where I want to filter for all users associated with the same party. This involves having both an encrypted value for decryption when necessary and a hash for searching purposes.
I think this method might work for what I need, but I'm concerned that having the hashes could undermine the encryption's intent. While it's true that hashes can't reveal the original strings, finite sets of data like political affiliations might still be guessable. What are your thoughts?
1 Answer
No, it's not considered encrypted anymore. The main point of encryption is that you can revert back to the original text, while hashing is a one-way process – you can't go back from a hash. ChatGPT’s approach is useful for matching values, but remember, the hash itself doesn’t encrypt anything.
OP seems to be asking if the encrypted data is still secure even if it has a hash for comparison. The answer is yes, the encrypted data remains secure; just keep in mind that hashing isn't encryption, and they serve different purposes.