Hashing SSNs and other limited-domain information

If you seriously want to hash a social security number in a secure way, do this:

  1. Find out how much entropy is in an SSN (hint: there is very little. Far less than a randomly chosen 9 digit number).
  2. Use any hashing algorithm.
  3. Keep fewer (half?) bits than there is entropy in an SSN.

Result:

  • Pro: Secure hash of an SSN because of a large number of hash collisions.
  • Pro: Your hashes are short and easy to store.
  • Con: Hash collisions.
  • Con: You can't use it for a unique identifier because of Con#1.
  • Pro: That's good because you really really need to not be using SSNs as identifiers unless you are the Social Security Administration.

The algorithm for generating Social Security Numbers was created before the concept of a modern hacker and as a consequence they are extremely predictable. Using a SSN for authentication is a very bad idea, it really doesn't matter what cryptographic primitive you use or how large your salt value is. At the end of the day the "secret" that you are trying to protect doesn't have much entropy.

If you never need to know the plain text then you should use SHA-256. SHA-256 is a very good function to use for passwords.