Data Encryption

This page covers what you need to make data be encrypted before being sent to the database, as well as how to later decrypt the data.  You might want to do so in cases where the data you collect is confidential, especially if you are running measures on a demo study, since many people will access to the data.  There are several steps.

1.  Generate your encryption keys:

Go to http://www.random.org/cgi-bin/randbyte?nbytes=1024&format=hex and copy everything (should be a big set of numbers).  Then go to http://shop-js.sourceforge.net/crypto2.htm and paste the big set of numbers in the "Random Seed" text box.  In the "key bytes" you can enter how long to make the key.  Longer keys will make it take longer for the participants' browsers to encrypt their data, but will provide extra security.  Using 64 bits is recommended.

After entering your "key bytes", use the "GenerateKey" button to generate your encryption key.  You will see 5 numbers generated.  P*Q and E are used for encrypting the data, and D, P, and Q are used to decrypt it.  Store these numbers in a safe place, since if you lose them you will not be able to decrypt your data, and if other people get access to them then they can decrypt your data, potentially violating your participants confidentiality.  Don't store any files with P, Q, or D on dev2, since files there are public.

2.  Decoding your data / testing your keys:

For this you can download the email_decoder.html file below.  Near the bottom you will see:

function encrypt(box) {
//rsaEncode ([e],p*q],box.value);
 box.value=rsaEncode([e],[p*q],box.value);
}
function decrypt(box) {
// key = [ [d], [p], [q] ];
var key=[[d],[p],[q]];
 box.value=rsaDecode(key,box.value);

Just enter in the values you generated in place of the letters and you can open it in a browser to encode and decode data.  So the encrypt function might end up with

box.value=rsaEncode([17],[148299941,57683965,5687041],box.value);

You can use this to test the encoding and decoding functions to make sure that you entered everything in correctly.  Keep the file local, DO NOT upload it to dev2, since it contains your private keys that would allow anyone to decode your sensitive data

3.  Change your html to encrypt the fields that you want (see email_encrypter.html below).  Things your file will need:

<script language="JavaScript" type="text/javascript" src="/implicit/common/en-us/js/encryption.js"></script>

<script>

function encrypt(box) {
//rsaEncode ([e],p*q],box.value);
 box.value=rsaEncode([e],[,p*q],box.value);
}

</script>

in the <head> section somewhere.  replace the e and p*q with the values you generateed earlier.  So the result might look like  box.value=rsaEncode([17],[148299941,57683965,5687041],box.value);  This is the exact same function as used in the decrypter file, so if the decoder works for you, you can copy it here.

Next replace your writeButton("Continue") line with the following:

<div style="visibility:hidden;">
 <h1 align="center"><script language="JavaScript" type="text/javascript">writeButton("Continue");</script></h1>
</div>
<INPUT TYPE="button" NAME="fakecontinue" VALUE="Proceed" onClick="encrypt(document.frm.email);document.frm.submit_system.click();">

This will make a fake continue button that will encrypt the fields when you click it, and then send the participants to the next task.  You will need to change form1 to whatever you named your form in the

<form method="POST" name="frm" action="/implicit/Study">

Also, change the field name.  Right now it is email, but it can be whatever question that you want to encrypt.  To encrypt multiple fields you would do something like : onClick="encrypt(document.frm.name);encrypt(document.frm.quest);encrypt(document.frm.color);document.frm.submit_system.click();" just adding a "encrypt(document.frm.QUESTION); " for each item to encrypt.  Make sure to test the time it takes on a slower computer if you encrypt many fields.

That's all you need to do for this part.

Other things to note:

• Using this encryption system, the encoding will be different every time.  So if I enter my name as Bob, it might be saved as fsdjkfskjfdjk, but if I retake the study then Bob might be saved as sgojigslkneg.