Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

I\'ve been working on the design of a longitudinal study and one requirement is:

ID: 656202 • Letter: I

Question

I've been working on the design of a longitudinal study and one requirement is:

- all participants will have a unique identifier that
- is not reversible from the data storage/analyst side of the study
- is defined by something easily remembered by a participant that is relatively static over several years, ex. a participant's proper name and birth date in a given format.
- Creation of the unique identifier will occur on the participant's computer and no portion of the defining string will be sent with other collected data

How do I go about meeting this goal?

Initial thoughts are to use bcrypt or something similar but that runs into the problem that if there is a list of possible participant names and birthdays it becomes trivial to determine who participated and their answers. This hypothetical situation is not very likely but concerning.

I've looked into ID based cryptography as a possible answer but the increase in complexity and high likelihood of user error are prohibitive.

Am I missing a simple answer?

Explanation / Answer

There's a simple way to accomplish this with a 2 step hash.

Take a personal identifier for someone SHA256( Firstname Middname Lastname + Birthday) and calculate this on the client side.

Send this hash to a server. Hash this with a single pre-chosen secret of high entropy (128 bits) only known to the programmer and kept secret from any and all researchers. So SHA256(secret+HashOutPutStep1). Store the output in your database as a key for that participant. The secret must of course be the same for any single study. If you like, use a integer unique identifier that maps to the SHA256 generated hash. That would give you an easy reference number for a human to utilize.

This makes it impossible to reverse the hash without knowing the secret, and the results are always the same with the same personal identifier. I believe this solution meets your requirement since the analysts can't reverse this string. The secret must be kept away from analysts, but this is a trivial matter.

Related Questions

I\'ve been trying for two days, but I can\'t wrap my mind around ArrayLists to s
Question #3809417
I\'ve been trying to compile and link these 2 cpp files plus I have a header fil
Question #3725150
I\'ve been trying to design an interface for a data class I\'m writing. This cla
Question #653085
I\'ve been trying to figure out why this code will not compile for at least an h
Question #3643406
I\'ve been trying to find the location of the factors making the perfect numbers
Question #3622535
I\'ve been trying to for hours can someone please show me how to do this! Using
Question #2659491
I\'ve been trying to get why 2 x 10^7 is the answer for the past hour and can\'t
Question #2125437
I\'ve been trying to grok General Relativity for a while now, and I\'ve been hav
Question #1375540
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
I\'ve been working on some piece of software while being \"employed\" by company
Next
I\'ve been working on this ONE function for about a day now. I no longer have ti

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.