Encryption Algorithms

 

Next Steps
Overview Algorithms Format Preserving Encryption Hashing Key Management

The IRI FieldShield data masking product, and the IRI Voracity data management platform that includes it, can encrypt data in tables and files at the column (field) level with a choice of proven algorithms:

Algorithm Application
AES-128, AES-256,
with and without FPE
Compliant with NSA's Suite B-level security, IRI's 128 and 256-bit Advanced Encryption Standard (AES) are implemented in FieldShield and CellShield (as well as CoSort and Voracity). Produce either standard ciphertext, or width- and format-preserving encryption (FPE) results that maintain the original appearance of the column value. Use your own passphrase string, file or environment variable as an encryption key. The ciphertex contains printable characters for processing and display and, in the case of FPE, retains the original format of the data.
GPG
Asymmetric encryption and decryption routines enable users to locate and make use of public key ring files on central servers. IRI's GPG implementation is PGP-compatible.
3DES
Symmetric encryption and decryption routines enable users to locate and make use of public key ring files on central servers, EBC, and OpenSSL implementations.
SSL
IRI uses the OpenSSL FIPS Object Module for AES and 3DES to conform to the FIPS 140-2 computer security standard, under the NIST Cryptographic Module Validation Program.
Custom
Support for custom, field-level transformations in FieldShield or Voracity also means that you can specify your own encryption keys, alternate encryption library, or other field protection functions. So, if you prefer Twofish or any other algorithm, use it.

Other Protection Functions


In addition to encryption, FieldShield and Voracity support the use of field-level de-identification routines, bit-level manipulation and other anonymizing masking functions, hashing, lookup pseudonymization, conditional value filtering, and wholesale field redaction. IRI CellShield supports several of the same functions for encrypting cell values in Excel spreadsheets.

To improve protection and verify compliance with privacy regulations, you can also specify the creation of of a query-ready audit trial with each job. The XML log records every parameter in the job, including paths and names of the encryption libraries used, and the protection functions applied to each field.

Request More Information

Live Chat

* indicates a required field.
IRI does NOT share your information.