Using asymmetric encryption
I read a front-end program that would take sensitive data, say a social security number, and store parts of it in different databases, aaa-bb-cccc for instance and encrypt each part/database with a different key. If by chance a user could access the information, the users would only have part of the encrypted data with a dissimilar key. Therefore, breaking the crypto apart would not compromise the other portions. Could you tell me more about this?
It sounds like you're thinking of an asymmetric (public/private key) encryption system where the information is encrypted with a different key than it is decrypted with. There wouldn't be very much additional security provided by breaking up a chunk of data and encrypting it separately. You'd only end up increasing the surface area of a directed clear text attack on the cipher.
In the classic asymmetric encryption tiered-server scenario, the front-end (or middle tier) application would have access to the public key and use this to encrypt the data. Then, a second system (presumably more secure) would have access to the private key for accessing this data (such as the SSN info). In this way, if the front end was compromised and the data was extracted from the database, the data would be useless without the private key. Since it does not exist on the front end nor the database, the attacker would still need to find this "secure" server with the private key in order to access the data.
This was first published in August 2006