Home » Solutions » Field Protection » Superior Algorithms
Superior Algorithms 
» Solutions
Business Intelligence
Data Governance
Data Transformation
ETL/DB Acceleration
Field Protection
Encryption/Decryption
Filtering/Redaction
Anonymization
De/Re-Identification
Pseudonymization
File Interchange
Sort Migration
Test Data/Files
» Resources
case studies Case Studies
white papers White Papers
make text smaller make text larger print this pageemail this page
Choose 256-bit AES and/or Other Encryption Functions

Both IRI's FieldShield product and CoSort SortCL tool can protect data in files -- down to the field level -- with any encryption library - your own or those that ship with the tools:

AES-256 Encryption Algorithms
To satisfy the NSA's Suite B-level security expectations, IRI includes the best -- 256-bit Advanced Encryption Standard (AES) implementations in both FieldShield and CoSort (SortCL) that produce either standard ciphertext, or width and format (type) preserving encryption that maintains the original format of the sensitive data.

You can use your own pass phrase strings or files for encryption keys. The encrypted output field ciphertext uses printable characters for processing and display, and in the case of format-preserving encryption (FPE), maintains the original format of the data (so an encrypted social security number looks like the unencrypted one, in ###-##-#### format).

Field-specific pass phrases can be used to generate keys for encryption and decryption. Therefore, the only one who can decrypt a given field is the person possessing the right library and pass phrase. IRI can help you secure the encryption key, and work with third-party key management systems.


GPG / PGP Encryption (and Keyring Management)
New asymmetric encryption and decryption routines (compatible with PGP) enable users to locate and make use of public key ring files on central servers.


Custom Encryption Functions
Support for custom, field-level transformations in the FieldShield and CoSort (SortCL) products also means that you can specify your own encryption keys, alternate encryption library, or other field protection functions -- anywhere throughout your file descriptions. So, if you prefer Twofish, 3DES, or any other algorithm, use it.


Other Protection Functions
In addition to encryption, FieldShield and SortCL support the use of field-level de-identification routines, bit-level manipulation and other anonymizing masking functions, lookup pseudonymization, conditional value filtering and wholesale field redaction.

To improve protection and verify compliance with privacy regulations, you can also specify production of a query-ready audit trial. The XML log records every job script, including paths and names of the encryption libraries you used, and the protection function you applied to each field.

See also:
FAQ > Data Privacy
Encryption/Decryption
Encryption/Decryption > Best Practices
Encryption/Decryption > Format-Preserving Encryption
Encryption/Decryption > Simultaneous Transforms and Reports
Solutions > Field Protection
Solutions > Data Governance > Verifying Compliance
Products > FieldShield
Products > FieldShield GUI
Products > CoSort > SortCL

Request More Info:

* IRI WILL NOT share this info