Forum Discussion

pavan's avatar
pavan
Former Employee
7 years ago

Encrypt and decrypt sensitive data in a source

Created by @pavan This pipeline pattern will encrypt fields passed as JSON docs using a defined transform type (AES), and decrypts and gives back the original message. This pattern is useful for...
decrypt
encrypt
sample_pipeline
andrew_holbrook's avatar
andrew_holbrook
New Contributor III
7 years ago

@pavan Once encrypted, do I need to pass all the information onward? Is it a security risk to do so?

ENC {
  "transformation":"AES/CBC/PKCS5Padding",
  "iv":"[MYIV]",
  "type":"STRING",
  "ciphertext":"[MYCIPHERTEXT==]",
  "key_params":  {
    "passphrase":  {
      "key_gen_iterations":10000,
      "key_gen_algorithm":"[ALGORITHM]",
      "key_algorithm":"AES",
      "key_salt":"[SALTKEY]",
      "key_size":128
    }
  }
}:ENC
  • tstack's avatar
    tstack
    Former Employee
    7 years ago

    Yes, the information is needed to correctly decrypt the ciphertext.

    No, it’s okay to send the IV in the clear and the rest of the information is used to configure the decryption process.

    • Deepak's avatar
      Deepak
      New Contributor II
      7 years ago

      @tstack I have a similar scenario. Please read through the steps.

      1. We are using Encryption & Decryption in 2 seperate ultra pipelines, where first pipeline would encrypt the password field and send this data to second pipeline & the second pipeline would decrypt the data and use it.
      2. The problem is we are giving away key information like Type Of Algorithm, IV, Key_SALT over the internet along with the Ciphertext which is a security concern.
      3. Our design has to have 2 seperate ultra pipelines & not pipeline execute as its an architectural decision.

      How can we achieve decrypting the field, without giving away these key attributes?

      • tstack's avatar
        tstack
        Former Employee
        7 years ago

        These values are not secrets, so I don’t think there should be a problem.

        Can I ask what is driving the decision to not use PipeExec?