This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Generate same cipher text as result of encrypted value

Ajay_Chawda
Contributor

‎08-16-2021 07:15 PM

Hello Expert,
I’m trying to encrypt few fields of file (eg Name,Age) using encrypt field snap.
if same name and age appears in different file encrypt field snap is giving different cipher text.

Attaching sample pipeline for reference.

testCipherText_2021_08_17.slp (26.0 KB)

image

same content is present in all the files.

testCipherText_2021_08_17.slp
0 Kudos
Reply
4 REPLIES 4

Ajay_Chawda
Contributor

‎08-17-2021 07:21 PM

Any suggestion?

0 Kudos
Reply

ptaylor
Employee
Employee

‎08-18-2021 10:31 AM

You didn’t specify a value for the Initialization vector setting, so one is randomly generated for every field in every document. That’s why the cipher text is different. Note the documentation for this setting:

Leave empty to generate one automatically. Note that the content of the initialization vector should be different for every encryption operation. Reusing IVs will make the encryption operation less secure.

0 Kudos
Reply

Ajay_Chawda
Contributor

‎08-19-2021 07:43 PM

Hi @ptaylor
Thank you for help.
it worked if provide key and Initialization vector details in snap it self.
but it did not worked if i consider key to be taken from account and Initialization vector information in snap it self.

below configuration worked
image

But if select account for key its not working.
image

0 Kudos
Reply

ptaylor
Employee
Employee
In response to Ajay_Chawda

‎08-20-2021 12:23 PM

The Passphrase-Based Key account generates a random seed every time it’s used, so the ciphertext will be different each time, even if the input, passphrase and IV haven’t changed.

If having consistent ciphertext is important to you, use a KeyStore account instead. You create a symmetric key and store it in a keystore file, then configure the account with that file plus a password and alias to access that key. Here’s an example of how to create a keystore ks.jks containing a 128-bit AES key with password mypassword and alias myalias:

keytool -genseckey -keyalg AES -keysize 128 -storepass mypassword -alias myalias -storetype JCEKS -keystore ks.jks

0 Kudos
Reply