Format-preserving encryption: a help but not a panacea

Jeremy Phillips

In “Lock down that data”, William Jackson discusses a recent US incident involving insider threats to personally identifiable information: an employee in the human resources department of the Library of Congress has been charged with conspiring to commit wire fraud after he allegedly stole information concerning at least 10 employees from library databases. Together with a relative, he used this data to open the accounts which financed the purchase of $38,000 worth of goods. This highlights the vulnerability of in-house human resources data. HR systems contain everything needed to establish an identity — all in a single location that is frequently unprotected. Moreover, since HR employees have legitimate reasons for accessing that data, good policy and administrative supervision are required — as well as format-preserving encryption.

The idea of format-preserving encryption goes back to at least 1997, explains Jackson, who also describes a system developed by Voltage that cycles the field to be encrypted multiple times, disposing of some digits in each cycle until it arrives at an encrypted field in the same format as the original. He concludes, though, that

“No security tool, regardless of how strong it is, should be expected to work without being backed up with the proper policies, enforcement and monitoring. But a strong first line of defense can help save you from having to respond to a breach after the fact”.
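The format-preserving property described above, shown as an added example (not the Voltage system and not code from Jackson's article): a Feistel network over decimal digits with HMAC-SHA256 as the round function, which keeps the length and separators of a field while encrypting its digits. The key, the sample value and the function names are constructed for illustration, and this construction is not a standardized mode; production systems should use a vetted one such as FF1 from NIST SP 800-38G.

```python
import hashlib
import hmac

DIGITS = "0123456789"
ROUNDS = 10  # even, so both halves finish in their original positions


def _prf(key: bytes, rnd: int, n: int, half: str, modulus: int) -> int:
    """Round function: HMAC-SHA256 over round number, field length and one half."""
    msg = f"{rnd}|{n}|{half}".encode()
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest(), "big") % modulus


def _feistel(key: bytes, digits: str, decrypt: bool) -> str:
    n = len(digits)
    if n < 2:
        raise ValueError("field must contain at least two digits")
    u = n // 2
    a, b = digits[:u], digits[u:]
    for i in (reversed(range(ROUNDS)) if decrypt else range(ROUNDS)):
        m = u if i % 2 == 0 else n - u  # width of the half rewritten this round
        mod = 10 ** m
        if decrypt:
            c, b = b, a  # undo the swap performed by the matching encrypt round
            a = str((int(c) - _prf(key, i, n, b, mod)) % mod).zfill(m)
        else:
            c = (int(a) + _prf(key, i, n, b, mod)) % mod
            a, b = b, str(c).zfill(m)
    return a + b


def fpe(key: bytes, field: str, decrypt: bool = False) -> str:
    """Transform only the digits of `field`; separators stay where they were."""
    out = iter(_feistel(key, "".join(ch for ch in field if ch in DIGITS), decrypt))
    return "".join(next(out) if ch in DIGITS else ch for ch in field)


if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed key, for illustration only
    ssn = "123-45-6789"             # constructed sample value
    token = fpe(key, ssn)
    print(token, fpe(key, token, decrypt=True))
```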
