Skip to content

Reference: Formats, Algorithms, and Scopes

This table correlates allowable encryption input data formats, the supported algorithms for those formats, and the scope of the data that is encrypted.

These formats, algorithms, and scopes are the basis for Privacera's default system encryption schemes and can be used to Create Custom Encryption Schemes.

The combinations are subdivided into groups based on the underlying API:

  • Privacera API
  • Bouncy Castle API

Privacera API#

The following combinations can be used with the Privacera API.

Format
Description of Format Algorithm
Scope
Examples/Clarification
Alphanumeric






FPE All

Standard All
Standard 256-bit All
Alphanumeric Regex
FPE Regex
Standard Regex
Standard 256-bit Regex
ASCII 7-bit ASCII character set, excluding control characters.
FPE All
CC Numeric from 14 to 19 digits. Hyphens and spaces allowed.



FPE First 4 digits



FPE First 4 digits
FPE
Regex
FPE All
Date
  • uuuu-MM-dd
  • MM-dd-uuuu
  • MM/DD/YYYY
FPE All uuuu is a year format that does not need the specification of the era CE (Common Era) or BCE (Before Common Era). A positive number indicates CE, while a negative number indicates BCE.
DateTime See Examples/Clarification column.

For examples of these formats, see Examples of Allowable DateTime Formats below.

Legend.

  • yyyy or uuuu is 4-digit year. For a description of uuuu, see entry for Date.
  • MM is the 2-digit, zero-padded month of yyyy or uuuu.
  • dd is the 2-digit, zero-padded day of MM.
  • HH is the 2-digit, zero-padded 24-hour clock hour of dd.
  • mm is the 2-digit, zero-padded minute of HH.
  • ss is the 2-digit, zero-padded second of mm.
  • SSS is the 3-digit, zero-padded microsecond of ss.
  • The literal T is the time indicator and the literal Z is the indicator for time zone offset, as described in W3C's Time & date: Essential concepts. Note: The time zone offset is not encrypted.

Formats

  • uuuu-mm-dd
  • uuuu/mm/dd
  • mm/dd/uuuu
  • uuuu-mm-ddTHH:mm:ss.SSSZ
  • uuuu-mm-ddTHH:mm:ss,SSSZ
  • uuuu-mm-ddTHH:mm:ss.SSS
  • uuuu-mm-ddTHH:mm:ss,SSS
  • uuuu-mm-ddTHH:mm:ssZ
  • uuuu-mm-ddTHH:mm:ss
  • uuuu-mm-ddTHH:mmZ
  • uuuu-mm-ddTHH:mm
  • uuuu-mm-dd HH:mm:ss.SSS
  • uuuu-mm-dd HH:mm:ss,SSS
  • uuuu-mm-dd HH:mm:ss
  • uuuu-mm-dd HH:mm
  • uuuu/mm/ddTHH:mm:ss.SSSZ
  • uuuu/mm/ddTHH:mm:ss,SSSZ
  • uuuu/mm/ddTHH:mm:ss.SSS
  • uuuu/mm/ddTHH:mm:ss,SSS
  • uuuu/mm/ddTHH:mm:ssZ
  • uuuu/mm/ddTHH:mm:ss
  • uuuu/mm/ddTHH:mmZ
  • uuuu/mm/ddTHH:mm
  • uuuu/mm/dd HH:mm:ss.SSS
  • uuuu/mm/dd HH:mm:ss,SSS
  • uuuu/mm/dd HH:mm:ss
  • uuuu/mm/dd HH:mm
  • mm/dd/uuuuTHH:mm:ss.SSSZ
  • mm/dd/uuuuTHH:mm:ss,SSSZ
  • mm/dd/uuuuTHH:mm:ss.SSS
  • mm/dd/uuuuTHH:mm:ss,SSS
  • mm/dd/uuuuTHH:mm:ssZ
  • mm/dd/uuuuTHH:mm:ss
  • mm/dd/uuuuTHH:mmZ
  • mm/dd/uuuuTHH:mm
  • mm/dd/uuuu HH:mm:ss.SSSZ
  • mm/dd/uuuu HH:mm:ss,SSSZ
  • mm/dd/uuuu HH:mm:ss.SSS
  • mm/dd/uuuu HH:mm:ss,SSS
  • mm/dd/uuuu HH:mm:ssZ
  • mm/dd/uuuu HH:mm:ss
  • mm/dd/uuuu HH:mmZ
  • mm/dd/uuuu HH:mm
Email Must include @ sign.

FPE domain jimmybob@BigCo.com

FPE masked_domain
FPE All
FPE_ALPHA_NUMERIC





Alphanumeric All

Alphanumeric All
FPE All
Standard All
Standard 256-bit All
Alphanumeric All
HASHING Same as ASCII.

SHA-256 Hash All These are one-way hashes.

SHA-256 Hash All
SHA-512 Hash All
Host/Domain Internet standard domain name, or portion thereof with periods.





Alphanumeric All
  • .com
  • .cornell.edu
  • bigred.cornell.edu
  • superduper.bigred.cornell.edu


FPE All
Standard All
Standard 256-bit All
Alphanumeric Regex
FPE Regex
Standard Regex
Standard 256-bit Regex
IP Internet Protocol v4 or v6 standard address


Alphanumeric All
  • 127.0.0.1
  • ABCD:EF01:2345:6789:ABCD:EF01:2345:6789

FPE All
FPE IP Host
Alphanumeric IP Host
FPE IP Network
LITERAL Free-form: no specific format required. Alphanumeric All

FPE All
Standard All
Standard 256-bit All
Numeric Digits from 0 through 9.
FPE All

FPE Fixed-length
FPE Regex
SSN Nine digits. Hyphens and spaces allowed.

FPE Fixed-length

FPE Last 4 digits
FPE Regex
FPE All
Text


Alphanumeric All


FPE All
Standard All

Standard 256-bit All

Bouncy Castle API#

The following combinations can be used with the Bouncy Castle API.

The only allowable scope for schemes that use the Bouncy Castle API is All.

Format Algorithm Scope
Alphanumeric
  • AES 128
  • AES 256
All
ASCII
  • AES 128
  • AES 256
All
CC
  • AES 128
  • AES 256
All
Date
  • AES 128
  • AES 256
All
DateTime
  • AES 128
  • AES 256
All
Driver License
  • AES 128
  • AES 256
All
Email
  • AES 128
  • AES 256
All
Host/Domain
  • AES 128
  • AES 256
All
IP
  • AES 128
  • AES 256
All
Numeric
  • AES 128
  • AES 256
All
SSN
  • AES 128
  • AES 256
All
Text
  • AES 128
  • AES 256
All

Examples of Allowable DateTime Formats#

  • 1912-01-02
  • 1912/01/02
  • 1912-01-02 03:10:50
  • 1912/01/02 03:10:50
  • 1912-01-02 03:10:50.000
  • 1912/01/02 03:10:50.000
  • 1950/02/03T05:20:30.213+1000
  • 1950-02-03T05:20:30.213+1000

Last update: July 30, 2021