Encrypt and decrypt sensitive data in a source

Question

Created by @pavan

This pipeline pattern will encrypt fields passed as JSON docs using a defined transform type (AES), and decrypts and gives back the original message. This pattern is useful for encrypting sensitive messages (credit card info, SSN, patients name, DOB etc).

Configuration
Within the JSON Generator, replace “Enter certificate here” with your own certificate.
Sources: JSON
Targets: JSON
Snaps used: JSON Generator, Encrypt Field, Mapper, Decrypt Field

Downloads
Encrypt &amp; Decrypt Fields.slp (9.1 KB)

tstack · Answer

andrew_holbrook:

Once encrypted, do I need to pass all the information onward?

Yes, the information is needed to correctly decrypt the ciphertext.

andrew_holbrook:

Is it a security risk to do so?

No, it’s okay to send the IV in the clear and the rest of the information is used to configure the decryption process.

andrew_holbrook · Answer

@pavan Once encrypted, do I need to pass all the information onward?  Is it a security risk to do so?
ENC {
  "transformation":"AES/CBC/PKCS5Padding",
  "iv":"[MYIV]",
  "type":"STRING",
  "ciphertext":"[MYCIPHERTEXT==]",
  "key_params":  {
    "passphrase":  {
      "key_gen_iterations":10000,
      "key_gen_algorithm":"[ALGORITHM]",
      "key_algorithm":"AES",
      "key_salt":"[SALTKEY]",
      "key_size":128
    }
  }
}:ENC

deepak · Answer

@tstack  I have a similar scenario. Please read through the steps.

We are using Encryption &amp; Decryption in 2 seperate ultra pipelines, where first pipeline would encrypt the password field and send this data to second pipeline &amp; the second pipeline would decrypt the data and use it.
The problem is we are giving away key information like Type Of Algorithm, IV, Key_SALT over the internet along with the Ciphertext which is a security concern.
Our design has to have 2 seperate ultra pipelines &amp; not pipeline execute as its an architectural decision.

How can we achieve decrypting the field, without giving away these key attributes?

tstack · Answer

Deepak:

The problem is we are giving away key information like Type Of Algorithm, IV, Key_SALT over the internet along with the Ciphertext which is a security concern.

These values are not secrets, so I don’t think there should be a problem.

Deepak:

Our design has to have 2 seperate ultra pipelines &amp; not pipeline execute as its an architectural decision.

Can I ask what is driving the decision to not use PipeExec?

deepak · Answer

@tstack
Those give away key information on what stratergy is used by an organization for encryption. Also, the attributes I mentioned are key attributes required for encryption.
These are sensitive data.
Pipeline exec vs Iltra ppipeline decision would take this chain in a different direction. Let’s consider the fact that we need to utilize this Ultra pipelines.

Forum Discussion

Encrypt and decrypt sensitive data in a source

Configuration

Downloads

6 Replies

Recent Discussions

File Extraction Patterns

Secret Management vs Enhanced Account Encryption

sequence month of dates

Flatten JSON files into CSV files

Filter out the specific column