如何在 attr_encrypted 中搜索加密字段
How to search an encrypted field in attr_encrypted
我已经在我的应用中 attr_encrypted 为每条记录设置了单独的“iv”。
# Fields
User.e_name
User.e_name_iv
我正在尝试在用户 table 中搜索已知名称。我试过:
User.find_by_name("Joe Bloggs") # undefined method "find_by_name" for Class
User.where("name = ?", "Joe Bloggs").first # column "name" does not exist
User.where(:e_name => User.encrypt_name("Joe Bloggs")) # must specify an iv
如何通过名称查找记录?
虽然可以进行一些搜索,但不是很实用。您可能必须遍历每条记录,尝试每个相应的 IV,直到获得完全匹配为止,这取决于您拥有的记录数量,这不太实用。
你读过自述文件了吗? https://github.com/attr-encrypted/attr_encrypted#things-to-consider-before-using-attr_encrypted
搜索、加入等
While choosing to encrypt at the attribute level is the most secure
solution, it is not without drawbacks. Namely, you cannot search the
encrypted data, and because you can't search it, you can't index it
either. You also can't use joins on the encrypted data. Data that is
securely encrypted is effectively noise. So any operations that rely
on the data not being noise will not work. If you need to do any of
the aforementioned operations, please consider using database and file
system encryption along with transport encryption as it moves through
your stack.
我已经在我的应用中 attr_encrypted 为每条记录设置了单独的“iv”。
# Fields
User.e_name
User.e_name_iv
我正在尝试在用户 table 中搜索已知名称。我试过:
User.find_by_name("Joe Bloggs") # undefined method "find_by_name" for Class
User.where("name = ?", "Joe Bloggs").first # column "name" does not exist
User.where(:e_name => User.encrypt_name("Joe Bloggs")) # must specify an iv
如何通过名称查找记录?
虽然可以进行一些搜索,但不是很实用。您可能必须遍历每条记录,尝试每个相应的 IV,直到获得完全匹配为止,这取决于您拥有的记录数量,这不太实用。
你读过自述文件了吗? https://github.com/attr-encrypted/attr_encrypted#things-to-consider-before-using-attr_encrypted
搜索、加入等
While choosing to encrypt at the attribute level is the most secure solution, it is not without drawbacks. Namely, you cannot search the encrypted data, and because you can't search it, you can't index it either. You also can't use joins on the encrypted data. Data that is securely encrypted is effectively noise. So any operations that rely on the data not being noise will not work. If you need to do any of the aforementioned operations, please consider using database and file system encryption along with transport encryption as it moves through your stack.