Data processing systems with format-preserving encryption and decryption engines
First Claim
1. A method for encrypting a data string to produce a corresponding encrypted data string using a format-preserving block cipher on a data processing system, comprising:
- wherein the data string contains characters and has a format specifying a legal set of character values for each of the characters of the data string, wherein the data string contains a first string of characters that has a first format specifying a legal set of character values for each of the characters of the first string and contains a second string of characters that has a second format specifying a legal set of character values of each of the characters of the second string;
with a format-preserving combining operation, combining a first subkey with the first string of characters while preserving the first format of the first string of characters; and
with the format-preserving combining operation, combining a second subkey with the second string of characters while preserving the second format of the second string of characters.
11 Assignments
0 Petitions
Accused Products
Abstract
A data processing system is provided that includes format-preserving encryption and decryption engines. A string that contains characters has a specified format. The format defines a legal set of character values for each character position in the string. During encryption operations with the encryption engine, a string is processed to remove extraneous characters and to encode the string using an index. The processed string is encrypted using a format-preserving block cipher. The output of the block cipher is post-processed to produce an encrypted string having the same specified format as the original unencrypted string. During decryption operations, the decryption engine uses the format-preserving block cipher in reverse to transform the encrypted string into a decrypted string having the same format.
-
Citations
12 Claims
-
1. A method for encrypting a data string to produce a corresponding encrypted data string using a format-preserving block cipher on a data processing system, comprising:
wherein the data string contains characters and has a format specifying a legal set of character values for each of the characters of the data string, wherein the data string contains a first string of characters that has a first format specifying a legal set of character values for each of the characters of the first string and contains a second string of characters that has a second format specifying a legal set of character values of each of the characters of the second string; with a format-preserving combining operation, combining a first subkey with the first string of characters while preserving the first format of the first string of characters; and with the format-preserving combining operation, combining a second subkey with the second string of characters while preserving the second format of the second string of characters. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
Specification