Skip to content

Format-preserving encryption preserves the surface format of an identifier

Source: 07-format-preserving-encryption.phisql

PhiSQL

-- Format-preserving encryption preserves the surface format of an identifier
-- while making the value cryptographically opaque. Useful when downstream
-- systems validate identifier formats.

POLICY fpe_ssn;

REDACT SSN WITH FPE_ENCRYPT;

Compiles to

{
  "identifiers": {
    "ssn": {
      "ssnFilterStrategies": [
        { "strategy": "FPE_ENCRYPT_REPLACE" }
      ]
    }
  }
}