Comment by michaelt

9 months ago

Hash-based solutions aren't as easy as we might hope.

You store a hashed version of my SSN, or my phone number, to represent my opt-out? Someone can just hash every number from 000-00-0000 to 999-99-9999 and figure out mine from that.

You hash the entire contents of the profile - name+address+phone+e-mail+DOB+SSN - and the moment a data source provides them with a profile only containing name+address+email - the missing fields mean the hashes won't match.

A trusted third party will work a lot better IMHO.

And of course none of the data brokers have much reason to make opt-outs work well, in the absence of legislation and strict enforcement - it's in their commercial interests to say they "can't stop your data reappearing"

10 comments

michaelt

Reply
makmanalp  9 months ago

> Someone can just hash every number from 000-00-0000 to 999-99-9999 and figure out mine from that.

That's what salts are for, right? It wouldn't be too hard to issue a very large, known, public salt alongside each SSN.

> And of course none of the data brokers have much reason to make opt-outs work well, in the absence of legislation and strict enforcement - it's in their commercial interests to say they "can't stop your data reappearing"

This is the actual reason, IMHO.

  • ses1984  9 months ago

    If the salt is public, what’s the point, then you can get all the salts, and combine them with every possible ssn, and you’re back where you were before.

    • makmanalp  9 months ago

      No, that is kind of the point of a salt is that it doesn't need to be hidden - it's designed for a scenario where e.g. your database is hacked and they're visible as plaintext: https://en.wikipedia.org/wiki/Salt_(cryptography)

      Since the salts are random, unique to each SSN and long: a) you'll find no existing rainbow table that contains the correct plaintext for your SSN hash and b) each SSN now requires its own bruteforcing that is unhelpful for any of the other SSNs

      Combine that with a very expensive hashing method like PBKDF2 (I'm sure there's something better by now) and you've made it pretty dang hard for non state actors to bruteforce a significant chunk of SSNs. There's also peppers that involve storing some more global secrets on HSMs.

      I'm sure the crypto nerds have like a dozen better methods than what I can come up with but the point is this is not a feasibility issue.

      3 replies →

    • rjmunro  9 months ago

      "all the salts" * "all the SSNs" becomes a very big number. With a large enough but still reasonably sized salt, you can engineer it so that hashing all combinations takes an amount of time greater than the age of the universe even if you use all the computers in the world.

      1 reply →