Technically a substitution lookup table (like is proposed at the end) is analogo... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mjevans on April 30, 2018 \| parent \| context \| favorite \| on: The False Allure of Hashing for Anonymization Technically a substitution lookup table (like is proposed at the end) is analogous to one-time-pad 'encryption'. In this case the 'pad' is only used within a single (extended time domain) context and is presumably selectively exposed and used only in a contexts where intercepting the context already reveals that data anyway. Additional security could be added by making a session-unique identifier (not based on user, chronological, or external context data) and only having the master lookup table for user to sessions in an elevated security environment.

cvwright on April 30, 2018 [–]

Yeah, it sounds a lot like deterministic encryption. Which is OK if your input data is essentially uniform random.

But if it's not, and your adversary knows the distribution of the input data, then the protection level is pretty close to zero.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact