Skip to content

Reference: Formats, Algorithms, and Scopes

This table correlates allowable encryption input data formats, the supported algorithms for those formats, and the scope of the data that is encrypted.

These formats, algorithms, and scopes are the basis for Privacera's default system encryption schemes and can be used to Create Custom Encryption Schemes.

The combinations are subdivided into groups based on the underlying API:

  • Privacera API
  • Bouncy Castle API

Privacera API#

The following combinations can be used with the Privacera API.

Format
 Description of Format Algorithm
 Scope
 Examples/Clarification
Alphanumeric






FPE All

Standard All
Standard 256-bit All
Alphanumeric Regex
FPE Regex
Standard Regex
Standard 256-bit Regex
ASCII 7-bit ASCII character set, excluding control characters.
 FPE All
CC Numeric from 14 to 19 digits. Hyphens and spaces allowed.



 FPE First 4 digits



FPE First 4 digits
FPE
 Regex
FPE All
Date
  • uuuu-MM-dd
  • MM-dd-uuuu
  • MM/DD/YYYY
 FPE All uuuu is a year format that does not need the specification of the era CE (Common Era) or BCE (Before Common Era). A positive number indicates CE, while a negative number indicates BCE.
DateTime See Examples/Clarification column.

For examples of these formats, see Examples of Allowable DateTime Formats below.

Legend.

  • yyyy or uuuu is 4-digit year. For a description of uuuu, see entry for Date.
  • MM is the 2-digit, zero-padded month of yyyy or uuuu.
  • dd is the 2-digit, zero-padded day of MM.
  • HH is the 2-digit, zero-padded 24-hour clock hour of dd.
  • mm is the 2-digit, zero-padded minute of HH.
  • ss is the 2-digit, zero-padded second of mm.
  • SSS is the 3-digit, zero-padded microsecond of ss.
  • The literal T is the time indicator and the literal Z is the indicator for time zone offset, as described in W3C's Time & date: Essential concepts. Note: The time zone offset is not encrypted.

Formats

  • uuuu-mm-dd
  • uuuu/mm/dd
  • mm/dd/uuuu
  • uuuu-mm-ddTHH:mm:ss.SSSZ
  • uuuu-mm-ddTHH:mm:ss,SSSZ
  • uuuu-mm-ddTHH:mm:ss.SSS
  • uuuu-mm-ddTHH:mm:ss,SSS
  • uuuu-mm-ddTHH:mm:ssZ
  • uuuu-mm-ddTHH:mm:ss
  • uuuu-mm-ddTHH:mmZ
  • uuuu-mm-ddTHH:mm
  • uuuu-mm-dd HH:mm:ss.SSS
  • uuuu-mm-dd HH:mm:ss,SSS
  • uuuu-mm-dd HH:mm:ss
  • uuuu-mm-dd HH:mm
  • uuuu/mm/ddTHH:mm:ss.SSSZ
  • uuuu/mm/ddTHH:mm:ss,SSSZ
  • uuuu/mm/ddTHH:mm:ss.SSS
  • uuuu/mm/ddTHH:mm:ss,SSS
  • uuuu/mm/ddTHH:mm:ssZ
  • uuuu/mm/ddTHH:mm:ss
  • uuuu/mm/ddTHH:mmZ
  • uuuu/mm/ddTHH:mm
  • uuuu/mm/dd HH:mm:ss.SSS
  • uuuu/mm/dd HH:mm:ss,SSS
  • uuuu/mm/dd HH:mm:ss
  • uuuu/mm/dd HH:mm
  • mm/dd/uuuuTHH:mm:ss.SSSZ
  • mm/dd/uuuuTHH:mm:ss,SSSZ
  • mm/dd/uuuuTHH:mm:ss.SSS
  • mm/dd/uuuuTHH:mm:ss,SSS
  • mm/dd/uuuuTHH:mm:ssZ
  • mm/dd/uuuuTHH:mm:ss
  • mm/dd/uuuuTHH:mmZ
  • mm/dd/uuuuTHH:mm
  • mm/dd/uuuu HH:mm:ss.SSSZ
  • mm/dd/uuuu HH:mm:ss,SSSZ
  • mm/dd/uuuu HH:mm:ss.SSS
  • mm/dd/uuuu HH:mm:ss,SSS
  • mm/dd/uuuu HH:mm:ssZ
  • mm/dd/uuuu HH:mm:ss
  • mm/dd/uuuu HH:mmZ
  • mm/dd/uuuu HH:mm
Email Must include @ sign.

 FPE domain jimmybob@BigCo.com
FPE masked_domain
FPE All
FPE_ALPHA_NUMERIC





Alphanumeric All

Alphanumeric All
FPE All
Standard All
Standard 256-bit All
Alphanumeric All
HASHING Same as ASCII.

 SHA-256 Hash All These are one-way hashes.
SHA-256 Hash All
SHA-512 Hash All
Host/Domain Internet standard domain name, or portion thereof with periods.





 Alphanumeric All
  • .com
  • .cornell.edu
  • bigred.cornell.edu
  • superduper.bigred.cornell.edu
FPE All
Standard All
Standard 256-bit All
Alphanumeric Regex
FPE Regex
Standard Regex
Standard 256-bit Regex
IP Internet Protocol v4 or v6 standard address


 Alphanumeric All
  • 127.0.0.1
  • ABCD:EF01:2345:6789:ABCD:EF01:2345:6789
FPE All
FPE IP Host
Alphanumeric IP Host
FPE IP Network
LITERAL Free-form: no specific format required. Alphanumeric All

FPE All
Standard All
Standard 256-bit All
Numeric Digits from 0 through 9.
 FPE All

FPE Fixed-length
FPE Regex
SSN Nine digits. Hyphens and spaces allowed.

 FPE Fixed-length

FPE Last 4 digits
FPE Regex
FPE All
Text


Alphanumeric All


FPE All
Standard All

Standard 256-bit All

Bouncy Castle API#

The following combinations can be used with the Bouncy Castle API.

The only allowable scope for schemes that use the Bouncy Castle API is All.

Format Algorithm Scope
Alphanumeric
  • AES 128
  • AES 256
 All
ASCII
  • AES 128
  • AES 256
 All
CC
  • AES 128
  • AES 256
 All
Date
  • AES 128
  • AES 256
 All
DateTime
  • AES 128
  • AES 256
 All
Driver License
  • AES 128
  • AES 256
 All
Email
  • AES 128
  • AES 256
 All
Host/Domain
  • AES 128
  • AES 256
 All
IP
  • AES 128
  • AES 256
 All
Numeric
  • AES 128
  • AES 256
 All
SSN
  • AES 128
  • AES 256
 All
Text
  • AES 128
  • AES 256
 All

Examples of Allowable DateTime Formats#

  • 1912-01-02
  • 1912/01/02
  • 1912-01-02 03:10:50
  • 1912/01/02 03:10:50
  • 1912-01-02 03:10:50.000
  • 1912/01/02 03:10:50.000
  • 1950/02/03T05:20:30.213+1000
  • 1950-02-03T05:20:30.213+1000
Last update: July 30, 2021