fpe

package module

v0.0.1 Latest Latest Go to latest Published: May 31, 2021 License: MIT Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/owenyuwono/fpe

Links

Open Source Insights

README ¶

Golang FPE (Format Preserving Encryption)

Dependency

golang.org/x/text v0.3.6

Theory

Format preserving encryption (FPE) refers to a set of techniques for encrypting data such that the ciphertext has the same format as the plaintext. For instance, you can use FPE to encrypt credit card numbers with valid checksums such that the ciphertext is also an credit card number with a valid checksum, or similarly for bank account numbers, US Social Security numbers, or even more general mappings like English words onto other English words.

To encrypt an arbitrary value using FE1, you need to use a ranking method. Basically, the idea is to assign an integer to every value you might encrypt. For instance, a 16 digit credit card number consists of a 15 digit code plus a 1 digit checksum. So to encrypt a credit card number, you first remove the checksum, encrypt the 15 digit value modulo 1015, and then calculate what the checksum is for the new (ciphertext) number. Or, if you were encrypting words in a dictionary, you could rank the words by their lexicographical order, and choose the modulus to be the number of words in the dictionary.

Implementation

Current implementation uses the FE1 scheme from the paper "Format-Preserving Encryption" by Bellare, Rogaway, et al.

Ported from node-fe1-fpe which was ported from java-fpe which was ported from DotFPE which was ported from Botan Library.

Installation

go get github.com/owenyuwono/fpe

Basic usage

package main

import (
    "github.com/owenyuwono/fpe"
)

func main() {
    encrypted, err := fpe.Encrypt(10001, 1, "my-secret-key", "my-non-secret-tweak", 3)
    if err != nil {
        panic(err)
    }
    fmt.Println(encrypted) // 5011
}

Considerations

The implementation is as stable as a rock for a modulus up to 10 000 000. It is designed this way because of speed concerns. For larger range, the matter needs to be discussed with the corresponding developers.

Todo

Decrypt function
More verbose documentation

License

Documentation ¶

Index ¶

func Encrypt(modulus, subject int64, key, tweak string, rounds int64) (*big.Int, error)
type Error
- func (e Error) Error() string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Encrypt ¶

func Encrypt(modulus, subject int64, key, tweak string, rounds int64) (*big.Int, error)

Encrypt function masks subject into unique random number less than modulus. Key should be kept secure, and tweak could be altered to generate more uniqueness. Subject argument will take the absolute value, so if it's -1 then it will be processed as 1.

Types ¶

type Error ¶

type Error string

Error is the error type for fpe package errors

var ErrModTooSmall Error = "modulus range is too small"

ErrModTooSmall ...

var ErrNegativeArgs Error = "negative numbers cannot be used as modulus"

ErrNegativeArgs ...

func (Error) Error ¶

func (e Error) Error() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL