FORMAT-PRESERVING ENCRYPTION

GO BEYOND CLASSIC ENCRYPTION 

Data encryption is everywhere

Chances are you sent encrypted data today.

Classic encryption technologies have a long history as a means for protecting sensitive data. 

When encrypting data, plaintext values are obscured and thereby protected. Whoever holds the proper keys gets access sensitive information. But this can also present a challenge.

The impact of classic encryption

It has real consequences for your data and operations.

With classic encryption, you can't configure the format of the protected element. Furthermore, it has a different length and typically contains values of a completely different character set.

All this sounds good until you go about trying to work with encrypted data in your business workflows. Changing the format of data elements causes problems.

How? Existing infrastructures are often designed in a way that the format of each data element is predefined and limited to the typical maximum length.

Format preservation is key

A better way to encrypt.

Format Preserving Encryption extends classic-encryption algorithms (typically AES) in a way that makes them format-preserving.

This results in data that doesn't break existing databases, message formats, and applications. That means you can still process and analyze the data while it is encrypted.

Note: Some FPE algorithms are declared to be not secure. comforte is ensuring that our protection methods are verified by independent cryptoanalysts.

Sharing the secret

More than meets the eye.

Classic encryption is well known for requiring the sharing of protection secrets, which often necessitates complex key management.

Sharing a protection secret with unsecured entities increases the risk of sensitive information being breached. It's another attack vector.

comforte’s format-preserving protection is implemented with a central system that comes with various layers of isolation to protect access.

comforte's format-preserving protection helps organizations worldwide to achieve compliance while reducing costs and development effort.

Are they really different?

Yes. Protection methods not only vary in how they change the data. You should consider far more when choosing the right mechanism for a specific use case.

Read this e-book to learn more about protection methods and their use cases.

Download E-Book

Henning Horst

Chief Technical Officer

phone: + 49 611 93199 00

email: info@comforte.com

Talk to us about our format-preserving encryption capabilities.