×

Data processing systems with format-preserving encryption and decryption engines

  • US 7,864,952 B2
  • Filed: 12/06/2006
  • Issued: 01/04/2011
  • Est. Priority Date: 06/28/2006
  • Status: Active Grant
First Claim
Patent Images

1. A method for encrypting a data string using an encryption engine in a data processing system, comprising:

  • obtaining a data string containing characters, wherein the data string has a format specifying a legal set of character values for each of its characters;

    processing the data string to remove any extraneous characters from the data string that are present, wherein the processed data string contains a left-half string of characters that has a left-half format specifying a legal set of character values for each of its characters and contains a right-half string of characters that has a right-half format specifying a legal set of character values of each of its characters;

    encoding the processed data string using at least one index of sequential index values each of which corresponds to a respective one of the character values in the legal set of character values for the characters of the data string, wherein the encoded data string includes an encoded version of the left-half string of characters and an encoded version of the right-half string of characters;

    encrypting the encoded data string using a format-preserving block cipher, wherein the format-preserving block cipher receives the encoded data string as input and produces a corresponding encrypted encoded data string as output, wherein encrypting the encoded data string using the format-preserving block cipher comprises using a subkey generation algorithm and a format-preserving combining operation to process the encoded data string, wherein the subkey generation algorithm receives a key as an input, wherein the subkey generation algorithm is used in generating at least first and second subkeys, wherein the format-preserving combining operation preserves the left-half format of the left-half string of characters when combining the encoded version of the left-half string of characters with the first subkey, and wherein the format-preserving combining operation preserves the right-half format of the right-half string of characters when combining the encoded version of the right-half string of characters with the second subkey; and

    using the index, decoding the encrypted encoded data string to produce a decoded encrypted data string with characters in the legal set of characters.

View all claims
  • 14 Assignments
Timeline View
Assignment View
    ×
    ×