Format Preserving Encryption with Go


Within tokenization, we can apply format-preserving encryption (FPE) methods, which convert our data into a form that still looks valid, but which cannot be mapped to the original value. For example, we could hide Bob’s credit card details within another valid credit card number, which would not reveal his real number. A tokenization server could then convert the real credit card number into a format which still looks valid. For this, we have a key which takes the data and converts it into a form which is the same length as the original.

The method we use is based on a Feistel structure, where we have a number of rounds and apply the key through a Feistel function in each round.

We thus split the data into blocks (typically 64 bits), and then split each block into two parts: the left part and the right part. We feed these through each round, and then swap them over. The ⊕ symbol is the exclusive-OR operator.
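The round structure described above, as an added Go sketch that is not the article's own code: a balanced Feistel network over a decimal string, with decryption running the rounds in reverse. It assumes HMAC-SHA256 as the Feistel function, 10 rounds, and addition modulo 10^h in place of ⊕ so that each half stays decimal; the names `fpe` and `roundF` and the sample key and card number are constructed. It preserves only the length and the digit alphabet (not a Luhn check digit) and is not the standardised FF1 or FF3-1 construction.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"math"
	"strconv"
)

const rounds = 10 // assumed round count for this sketch

// roundF is the Feistel function: HMAC-SHA256(key, "round|half") reduced mod m.
func roundF(key []byte, round int, half, m uint64) uint64 {
	mac := hmac.New(sha256.New, key)
	fmt.Fprintf(mac, "%d|%d", round, half)
	return binary.BigEndian.Uint64(mac.Sum(nil)[:8]) % m
}

// fpe runs the Feistel network over an even-length decimal string (2 to 18 digits).
// Halves are combined by addition mod 10^h rather than XOR so the output stays decimal.
func fpe(key []byte, digits string, decrypt bool) (string, error) {
	h := len(digits) / 2
	if h < 1 || h > 9 || len(digits)%2 != 0 {
		return "", errors.New("need an even number of digits, 2 to 18")
	}
	l, errL := strconv.ParseUint(digits[:h], 10, 64)
	r, errR := strconv.ParseUint(digits[h:], 10, 64)
	if errL != nil || errR != nil {
		return "", errors.New("input must be decimal digits only")
	}
	m := uint64(math.Pow10(h)) // modulus for one half: 10^h
	for i := 0; i < rounds; i++ {
		if decrypt { // undo the rounds in reverse order
			l, r = (r+m-roundF(key, rounds-1-i, l, m))%m, l
		} else { // swap halves, mixing the keyed function into the old left half
			l, r = r, (l+roundF(key, i, r, m))%m
		}
	}
	return fmt.Sprintf("%0*d%0*d", h, l, h, r), nil
}

func main() {
	ct, _ := fpe([]byte("constructed demo key"), "4111111111111111", false) // constructed inputs
	pt, _ := fpe([]byte("constructed demo key"), ct, true)
	fmt.Println(ct, pt)
}
```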

An example of the Feistel cipher is defined here.

Format-preserving, Feistel-based encryption


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice