Package description: Package to allow hashing of encrypted data for searching
Install via composer
composer require custom-d/hashed-searchphp artisan vendor:publish --provider="CustomD\HashedSearch\ServiceProvider"In your model add the use CustomD\HashedSearch\Contracts\HasSearchableHash; trait and add a new property protected $searchableHash = ['bank_name'];
Eg:
<?php
namespace App\Models;
...
use CustomD\EloquentModelEncrypt\ModelEncryption;
use CustomD\HashedSearch\Contracts\HasSearchableHash;
class EncryptedModel extends Model
{
use ModelEncryption;
use HasSearchableHash;
protected $searchableHash = ['encryp_column_1','encypted_column_2'];
...
}Now on each save event, it will update the search hash for those columns.
To search:
EncryptdModel::searchHashedField('encryp_column_1','clear text here');You can manually has items by running the follwing code:
\CustomD\HashedSearch\Facades\HashedSearch::create('string to hash');the \CustomD\HashedSearch\Facades\HashedSearch Class has the following methods
- create(string $value, string $saltModifier = "" ): ?string
- setSalt(string salt): SELF
- setTransliterator(string rule): SELF
- setHashes(?string $cypherA = null, ?string $cypherB = null): SELF
An important consideration in searchable encryption is leakage, which is information an attacker can gain. Blind indexing leaks that rows have the same value. If you use this for a field like last name, an attacker can use frequency analysis to predict the values. In an active attack where an attacker can control the input values, they can learn which other values in the database match.
Here’s a great article on leakage in searchable encryption. Blind indexing has the same leakage as deterministic encryption.