wayner.org

This new version of the bestselling classic includes four new chapters and updated versions of the originals. The book is still designed to help the world build databases that answer useful questions without keeping any useful information around. The examples show how most databases don't need to be filled with the world's secrets and personal information. If the client uses the right amount of encryption, the databases don't need to be dangerous one-stop shopping for the identity thieves and others who with malice aforethought.

The new chapters are:

• Fuzzy Hashing -- Many of the techniques in the book rely heavily on one-way functions like SHA256, a very precise mathematical function that is very sensitive to a change in as little as one bit in the input. These fuzzy techniques are more forgiving and, alas, less secure.
• XML -- There are a number of nice techniques developed by the XML community to put XML data into a canonical form. These are useful when data needs to pushed through a cryptographically secure hash function because even the smallest change can confuse the function. These canonical tools eliminate many of the small, inconsequential incongruities that are normally tolerated by the XML standard.
• Voting -- Casting and counting votes is an extremely difficult problem. This chapter reviews several ways that we can build election systems that are both auditable and private.
• Zero Knowledge Proofs -- This chapter shows an fascinating example of how the zero knowledge proof systems developed in the 1980s can be used to track traffic scofflaws without endangering the privacy of law abiding citizens.

The rest of the book is more up-to-date with copious warnings against using MD5 and other hash functions that haven't been as strong as we once assumed.

The book is back from the printers. It's available here:

• CreateSpace

And also directly from me if you click below.