Securely storing and searching by social security number

Question

So I\'m working on a supplemental web-based system required by an HR department to store and search records of former personnel. I fought the requirement, but in the end it was

Answer 1

Create a new salt and IV for each record. If you need to dump the data into a report for some reason (hopefully without my SSN in it), you would be able to use the method you describe with the unique salt and IV. If you only need to search on an SSN, you could actually hash it instead of using a reversible encryption (more secure).