Sorry for my dumb question, but it's better to ask dumb question than to do dumb things silently.
I want to encrypt user email in my DB so that if someone stole the DB (and not the key) - he won't be able to restore the email adresses. But I need to be able to find user by email in my DB. And I can't iterate over all the emails in the DB, decrypt each and compare - this is too slow (minutes, hours).
If I encrypt emails with AES with random IV - then each time I encrypt the same email - the encrypted value is different. This is great for security but this way I can't just encrypt the given email and search for a value. If the IV is the same each time - then as far as I understand if attacker have enough encrypted values - he can easily find the key, right?
I was thinking about storing original email hash alongside the encrypted value, but this way attacker will be able to recover original email values by encrypting emails from some dictionary with the same hash algorithm and comparing hash values with values in the DB.
I thought about storing hash of original email+some_fixed_secret. Is this secure? If not - is there a secure solution to my problem?
