
How to search database columns encrypted by libSodium?

I am using SODIUM to encrypt personal data stored in a database. I can encrypt and decrypt happily the data stored. I am encrypting first and last names, telephone numbers, email addresses etc. when storing in the database.

However I don't know how to search the encrypted data. Can anyone give pointers for encrypting data and then being able to search for it?

For example I need to search by first name, last name etc. but this is encrypted.

I'm using this code to search and thought 'stupidly' of encrypting the name, but of course that re-encrypts it and it's then different to the actual record.

public function searchStaff($string) {
  $this->db->query('SELECT * FROM staff WHERE lastName IN (:unEncrypted, :encrypted)');
  $this->db->bind(':unEncrypted', $string);
  $this->db->bind(':encrypted', $string);
  $results = $this->db->resultSet();
  return $results;
}

I'm not sure how to even go about this, my only thought so far is to decrypt each row, check, and return but this is such an obviously flawed way of looking at it, especially when the table gets bigger!

I am using the code below to create the encrypted entry in the column. My only thought currently is to store the $nonce in the database row and use that to decrypt each row in turn? But this is going to create massive overhead??

How do people ensure the security of personal data?

//create random number
$nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);

//encrypt the input
//to encrypt the value we pass it to sodium_crypto_secretbox() with our key
//and a $nonce. The nonce is generated using random_bytes(), because the 
//same nonce should never be reused.

$cipher = sodium_crypto_secretbox($data, $nonce, CRYPTOKEY);

//This presents a problem because we need the nonce to decrypt the value 
//later.
//Luckily, nonces don’t have to be kept secret so we can prepend it to our 
//$ciphertext then base64_encode() the value before saving it to the 
//database.

$encoded = base64_encode($nonce . $cipher);

sodium_memzero($data);

return $encoded;

Fundamentally ... if the data is encrypted, you can't search it. Decrypting every record to see if it contains a particular value is quite unmanageable.

In this case I would argue that encryption is unnecessary. Truly-secret information such as credit card numbers might need to be encrypted, e.g. to meet "PCI Compliance" standards, but these data are never "searched." I see no value in encrypting things like names and addresses. Simply ensure that the access control rules are appropriate for your database.
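The two ideas raised in the question, as an added example that is not part of the original post or answer: it shows why re-encrypting the search term never matches a stored value, and what the decrypt-each-row scan costs. The function names, the generated key (standing in for CRYPTOKEY) and the sample rows are assumptions constructed for illustration.

```php
<?php
// Added example. Key and rows below are constructed sample data.
$key = sodium_crypto_secretbox_keygen(); // stands in for the post's CRYPTOKEY

// Same scheme as the question: random nonce prepended to the ciphertext, then base64.
function encryptField(string $data, string $key): string {
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($data, $nonce, $key));
}

// Inverse: split the stored value back into nonce and ciphertext.
// Returns null for malformed, truncated or tampered values.
function decryptField(string $encoded, string $key): ?string {
    $raw = base64_decode($encoded, true);
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if ($raw === false || strlen($raw) < $min) {
        return null;
    }
    $nonce  = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain  = sodium_crypto_secretbox_open($cipher, $nonce, $key);
    return $plain === false ? null : $plain;
}

// Decrypt-and-compare scan over already-fetched rows: one decryption per row, O(n).
function scanByLastName(array $rows, string $needle, string $key): array {
    $hits = [];
    foreach ($rows as $row) {
        $plain = decryptField($row['lastName'], $key);
        if ($plain !== null && $plain === $needle) {
            $hits[] = $row['id'];
        }
    }
    return $hits;
}

$rows = [];
foreach (['Smith', 'Jones', 'Smith'] as $i => $name) {
    $rows[] = ['id' => $i + 1, 'lastName' => encryptField($name, $key)];
}

// Re-encrypting the search term draws a fresh nonce, so the result differs from
// every stored value and a SQL equality match on the column cannot find the row.
var_dump(encryptField('Smith', $key) === $rows[0]['lastName']);
// The nonce stored in front of each ciphertext is what makes the row decryptable.
var_dump(decryptField($rows[0]['lastName'], $key));
print_r(scanByLastName($rows, 'Smith', $key));
```

The two rows holding "Smith" carry different ciphertexts, which is why the only match available under this scheme is the per-row scan.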
