0

What is the best one way permutation function I could use to digest an e-mail so I can use it as a primary key without storing personal data?

I'm getting my first F2P game ready: a simple yet (hopefully) addictive 2D casual puzzler based on aiming mechanics. It's made with Unity and will be released on Android very soon.

In order for the player to keep the same data across different devices, I have an SQL table with the device e-mail as the primary key, then another string as the savegame data.

But I don't want to store the user e-mail for privacy reasons.

So I thought of digesting it with some function that would use the original e-mail to generate a new string that:

  • is unique (will never collide with another string generated from a different e-mail address)
  • is not decypherable (there should be no way to obtain the original e-mail from the digested string - or at least it should be hard enough)

This way I could still use the Android device e-mail to retrieve the savegame data, without storing personal data from the player.

As far as I've researched, the solution seems to be called a one way permutation function. The problem is that I can't seem to find an appropriate function on the internet; instead, all answers seem to be plagued with solutions for password hashing, which is very interesting (salting, MD5, SHAXXX...) but don't meet my first requirement of no collision.

Thank you in advance for any answer on this topic.

Marcin Orlowski
  • 72,056
  • 11
  • 123
  • 141
EJSainz
  • 13
  • 2
  • Thanks, I will, but although the answer is very useful it does not meet my first requirement: will never collide. Yes, it's very improbable, but this is a very important requiremente in my case, as I would use this function to identify a user. It wouldn't be very good if anyone would start the game and find other player's savegame - neither would it be for the other player to find that an stranger has erased their savegame data. I fear that if I accept your answer no one else will try to propose a better one. So please understand me if I wait a little longer. Thanks! – EJSainz Jul 15 '16 at 17:47
  • 4
    Ah, I did not realize you were going to have the game extend past the end of the universe, in that case SHA-256 is not sufficient. – zaph Jul 15 '16 at 17:57
  • 1
    But I differ on "very improbable", that does not even cover being a Power Ball winner. Here is a thought experiment, which is more likely: A SHA-256 collision, a severe security bug in your code or a successful attack on you server? – zaph Jul 15 '16 at 18:06
  • 1
    One option is to append a creation time stamp to the SHA-256 hash. – zaph Jul 16 '16 at 12:46
  • Hello, zaph. First and foremost, please don't be angry at me for not responding in the time being. I've been attending my personal life during the weekend. Second, I'd like you to know that I'm a long time game developer. I started my profesional career on year 2000. I've been part of 26 games, from AAA to smartphone, NDS, XBox and PSP. I've also published my own indie games two of them made with my own 2D engine made in C++ and DirectX. Prior to that I made some grapical libraries in C and ASM386, but when DirectX came in I decided that was the way to go. **continues on next comment** – EJSainz Jul 18 '16 at 22:48
  • **continues prior comment** What I'm not is a good mathematician. I certainly can work out calculus, algebra, matrixes, quaternions, etc. - the most used ones in videogames. But now I need something different. SHA-256 is great, but is not enough in my case. That's all. There's no need to be rude just because you believe it is safe enough. You only need 2 e-mails generating the same output for it to fail. Improbable? For sure! But it can just happen. Anyway, I haven't been able to figure out an answer, and, appart from you, no one else has tried. **continues on next comment** – EJSainz Jul 18 '16 at 23:01
  • **continues prior comment**So I'm starting to figure out that what I'm asking for may simply be impossible to achieve - so it's not a coding problem. As for the GUID, as a DirectX 4.0 user I'm familiar with it, but my intention is to recognize the encrypted e-mail as this is the only common data on all the devices of the same owner. So creating a GUID for every device wouldn't help in sharing the savegame data. But in the end, at least your answer is the best approximation to solving my problem. So thank you very much, the answer is yours. – EJSainz Jul 18 '16 at 23:07

1 Answers1

1

What you need is a cryptographic hash function such as SHA-256. Such functions are designed to be collision resistant, Git uses an older version SHA-1. Most languages/systems have support of this, just Google "Android SHA-256" along with your language of choice.

One option is to append a creation timestamp.

Update: Since SHA-256 does not provide sufficient collision resistance consider s GUID, from RFC 4122: "A UUID is 128 bits long, and can guarantee uniqueness across space and time.". Of course you need to find a good implementation.

zaph
  • 111,848
  • 21
  • 189
  • 228
  • Hello, @zaph, and thanks a lot for the answer. I thought of SHA and other hash function, and reading, after consulting with fellow colleagues and reading your answer, I made a little research and found [this answer](http://stackoverflow.com/questions/4014090/is-it-safe-to-ignore-the-possibility-of-sha-collisions-in-practice) on wether it would be an enough good idea to use SHA-256. Looks like that should be good enough, but it's not perfect - so I'll still wait a little just in case a perfect solution arises. If not, the answer is yours :-) . – EJSainz Jul 15 '16 at 12:23
  • Although the answer is not perfect, by now I have no doubt that it is the best approximation to be found. Thank you very much, @zaph :-) . – EJSainz Jul 18 '16 at 23:08