Skip to content

Commit 8042697

Browse files
nelsonicnelsonic
committed
create table to illustrate hashing vs encryption for dwyl/auth#169 
1 parent bad211a commit 8042697

File tree

1 file changed

+33
-3
lines changed

1 file changed

+33
-3
lines changed

README.md

Lines changed: 33 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -396,8 +396,10 @@ iex(4)> Fields.Helpers.hash(:sha256, email)
396396
17, 97, 146, 103, 115, 3, 185, 230, 137, 218, 137, 209, 111, 48, 236>>
397397
```
398398
399-
The hash _value_ is identical for the given text.
400-
If you use the `Fields.EmailHash` function,
399+
The hash _value_ is identical for the given input text
400+
in this case the the email address `"[email protected]"`.
401+
402+
If you use the `Fields.EmailHash.dump/1` function,
401403
you will see the same hash value
402404
(_because the same helper function is invoked_):
403405
@@ -412,8 +414,35 @@ iex(6)> Fields.EmailHash.dump(email)
412414
17, 97, 146, 103, 115, 3, 185, 230, 137, 218, 137, 209, 111, 48, 236>>}
413415
```
414416
417+
When the `EmailHash` is stored in a database
418+
we can lookup an email address by hashing it
419+
and comparing to the list.
420+
421+
The best way of _visualizing_ this
422+
is to convert the hash value (bitstring)
423+
to `base64` so that it is _human-readable_:
424+
425+
426+
```elixir
427+
iex(1)> email = "[email protected]"
428+
"[email protected]"
429+
430+
iex(2)> Fields.Helpers.hash(:sha256, email) |> :base64.encode
431+
"X/v7zLU77wTawSMU34PbZR4RYZJncwO55onaidFvMOw="
432+
433+
iex(3)> Fields.Helpers.hash(:sha256, email) |> :base64.encode
434+
"X/v7zLU77wTawSMU34PbZR4RYZJncwO55onaidFvMOw="
435+
```
436+
437+
Imagine you have a database table called `people` that has just 3 columns: `id`, `email_hash` and `email_encrypted`
415438
416439
440+
| `id` | `email_hash` | `email_encrypted` |
441+
| ----- | ------------- | ----------------- |
442+
| 1 | X/v7zLU77wTawSMU34PbZR4RYZJncwO55onaidFvMOw= | MDAwMc57Y1j0nhwOdw7EvNeUVEfYQoAr7aT6oX |
443+
| 2 | +zXMhia/Z2I64nul6pqoDZTVM1q2K21Pby6GtPcm9iE= | MDAwMXnS1uwGN/cZRFkQgArm2Sbj9y+hnUJIS7 |
444+
| 3 | maY4IxoRSOSqm6qyJDrnEN1JQssJRqRGhzwOown4DPU= | MDAwMa4v0FBko++zqfAkfisXOLosQfrDLAdPax |
445+
417446
418447
<!--
419448
@@ -431,8 +460,9 @@ The `IV` is included in the `bitstring` returned by `AES.encrypt/1`
431460
which could be split and stored separately in a high security system.
432461
We are storing them together for now as we feel that having a unique key
433462
stored in a Key Management System (KMS) is adequate for our needs.
434-
-->
463+
435464
436465
437466
### How does
438467
468+
-->

0 commit comments

Comments
 (0)