fbpx

Knowledge Base

Search Knowledge Base

KB #240005: Cannot Perform Case-Insensitive Compare on Encrypted Strings Using APIs

Type: Tip
Summary:
This article explains why you cannot do a case-insensitive compare on encrypted strings and suggests a work-around.
Additional Information:
Note: This applies only if you are using the optional APIs. This does not apply if you are using whole-database encryption, which is completely transparent.The encryption process transforms strings into random binary buffers. For example, take the following plaintext strings:

string1 = "David Byrne" 
string2 = "DAVID BYRNE"

In order to do a case-insensitive compare, the program simply converts them both to upper case. E.g.,

if upper(string1) = upper(string2)

This might actually happen automatically, depending on your platform and program settings.

In memory, these strings are completely different. For instance, uppercase ‘A’ is represented internally as hex 41, while lowercase ‘a’ is hex 61. Therefore, when encrypted these strings become completely different values. For example, string1 might encrypt to:

"hd@Weo%32eR"

while string2 might encrypt to:

"(12u9u$jHc*"

Clearly, converting them to uppercase in order to compare them would have no meaning.

If you wish to do case insensitive compares you must do one of two things:

  1. Always store the values in the same case, i.e., always upper, lower, or proper (first letter of each word).
  2. Decrypt before comparing

 

Last modified: 1/13/2016

Top