I am looking for a solution to store social security numbers securely in a database.
The following references are related:
The second reference was an especially interesting read. However, I would like to have more information on the security of this system. Social security numbers (at least in my country) can easily be listed because their format is fixed. So I could create an exhaustive list of all possible social security numbers, and that would be a fairly small list (for example, 70 million). In addition, access to these SSNs must be fast and occurs all the time.
For these two reasons (limited number of SSNs, access must be fast), I doubt that using default password hash algorithms, such as bcrypt, scrypt, or argon2, is the solution.
The HMAC option challenges me because it is fast and the security of the system depends on the security of the secret key. Keeping this key secure is of course not easy, but achievable. Also note that all SSNs are unique, so there will never be duplicate exits.
In this case, is the use of HMAC for storing social security numbers the best solution, or are there better alternatives?
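The reasoning in the question, as an added example that is not part of the original post: over a small fixed-format space an unkeyed hash can be reversed by listing every value, while an HMAC token cannot be recomputed without the key and still allows a lookup with a single computation. The 5-digit format, the sample value and all function names are constructed for illustration, and the key is assumed to live outside the database.

```python
import hashlib
import hmac
import secrets
from typing import Callable, Optional

# Constructed toy format: 5-digit identifiers (100,000 values) stand in for
# the fixed-format SSN space the post describes (for example, 70 million).
SPACE = [f"{n:05d}" for n in range(100_000)]


def plain_hash(ssn: str) -> str:
    """Unkeyed SHA-256: anyone holding the database can recompute it."""
    return hashlib.sha256(ssn.encode()).hexdigest()


def hmac_token(key: bytes, ssn: str) -> str:
    """Keyed HMAC-SHA256: recomputing it requires the secret key."""
    return hmac.digest(key, ssn.encode(), "sha256").hex()


def enumerate_space(stored: str, digest_fn: Callable[[str], str]) -> Optional[str]:
    """Walk the whole identifier space; return the value matching `stored`."""
    for candidate in SPACE:
        if hmac.compare_digest(digest_fn(candidate), stored):
            return candidate
    return None


def lookup(index: dict, key: bytes, ssn: str):
    """Equality lookup: one HMAC computation, then an index hit."""
    return index.get(hmac_token(key, ssn))


def demo() -> dict:
    key = secrets.token_bytes(32)        # assumption: kept in a KMS/HSM, not in the DB
    wrong_key = secrets.token_bytes(32)  # stands in for "database dump but no key"
    ssn = "48213"                        # constructed sample value
    index = {hmac_token(key, ssn): {"record_id": 1}}  # unique SSN -> unique token
    return {
        "plain_recovered": enumerate_space(plain_hash(ssn), plain_hash),
        "hmac_recovered_without_key": enumerate_space(
            hmac_token(key, ssn), lambda s: hmac_token(wrong_key, s)),
        "lookup": lookup(index, key, ssn),
    }


if __name__ == "__main__":
    print(demo())
```
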