- Oct 30, 2014
Really bad idea imho, there are only a relatively small number of phone numbers possible so it would be relatively easy to brute force a simple hash. Not sure beyond that though, the hashes re-hashed with another key would work but would put all the trust on the key holder, needs someone with crypto knowhow.If you are going to the SMS route you don't actually need to store the Phone Number. Instead, you can store a Hash of the Phone Number, this way you can still check whether the Number has been used before without needing to store it. Though of course is pre supposed a certain level of trust in you. It's mostly to your own advantage if for example a government comes asking for that data you can honestly answer that you don't have it.