Storing scrambled Social Security numbers

Question

I need to store a social security number in the unique scrambled state...

The reason: I would require social numbers, but I do not want to store them open in case if database gets compromised.

I want to convert Social Security number into string of alphanumerics and I prefer this to be a one-way process.(not reversible)

Then, when I search for existing SSN numbers, I would use the same algorithm again for user-input, scramble the SSN and will search the database using alphanumeric string.

In php, I could do something like that

function maskSSN($SSN) {
    $salt = sha1(md5($SSN));
    $SCRAM = md5($SSN . $salt);
    return $SCRAM;
}

But I do not think that would produce unique values

Answer 1

If you can store the full hash (not truncated) you shouldn't have any collisions with a 9 digit SSN using most secure hashes.

To keep the hashes from being brute forcible use HMAC-Sha1 or HMac-Sha256 with a secret key. Here is a related answer that involved phone numbers and anonymizing data https://stackoverflow.com/a/15888989/637783

An AES-256 result wouldn't be usable later with out decryption, as AES-256, properly and securely used, produces different results for the same input. However, it could be used reasonably in a relational table in which your ssn was encrypted and stored against a primary key which other tables are referencing the key instead.

The later option would allowed you to rotate your keys pretty simply too, over time.

Answer 2

With something with as little entropy as SSNs, I wouldn't recommend storing them unencrypted or hashed. It would be very feasible to brute force the SSNs if an attacker steals your database.

Instead you should encrypt the SSNs with AES-256 or better. Check out this SO question for more info about proper storage of the crypto key: Storing encryption keys -- best practices?