Encryption Algorithms


Next Steps
Overview Algorithms Format Preserving Encryption Hashing Key Management

Both IRI's FieldShield and CoSort products encrypt data in tables and files at the column (field) level with a choice of proven algorithms:

Algorithm Application
AES-128, AES-256,
with and without FPE
Compliant with NSA's Suite B-level security, IRI's 128 and 256-bit Advanced Encryption Standard (AES) are implemented in FieldShield and CellShield (as well as CoSort and Voracity). Produce either standard ciphertext, or width- and format-preserving encryption (FPE) results that maintain the original appearance of the column value. Use your own passphrase string, file or environment variable as an encryption key. The ciphertex contains printable characters for processing and display and, in the case of FPE, retains the original format of the data.
Asymmetric encryption and decryption routines enable users to locate and make use of public key ring files on central servers. IRI's GPG implementation is PGP-compatible.
Symmetric encryption and decryption routines enable users to locate and make use of public key ring files on central servers, EBC, and OpenSSL implementations.
IRI uses the OpenSSL FIPS Object Module for AES and 3DES to conform to the FIPS 140-2 computer security standard, under the NIST Cryptographic Module Validation Program.
Support for custom, field-level transformations in the FieldShield and CoSort (SortCL) products also means that you can specify your own encryption keys, alternate encryption library, or other field protection functions. So, if you prefer Twofish or any other algorithm, use it.

Other Protection Functions

In addition to encryption, FieldShield and SortCL support the use of field-level de-identification routines, bit-level manipulation and other anonymizing masking functions, hashing, lookup pseudonymization, conditional value filtering, and wholesale field redaction.

To improve protection and verify compliance with privacy regulations, you can also specify production of a query-ready audit trial. The XML log records every job script, including paths and names of the encryption libraries you used, and the protection function you applied to each field.

Request More Information

Live Chat

* indicates a required field.
IRI does NOT share your information.