Format preserving string substitution encryption
In general, format-preserving encryption is a type of encryption such that the output (the ciphertext) is in the same format as the input (the plaintext).
This library uses a simple substitution cipher algorithm. Read more about the security of this library in the dedicated section below.
cipher with default domain ([0-9])
const fpe = require('node-fpe');
const cipher = fpe({ secret: 'secret!' });
cipher.encrypt('1234567');
// '7130548'
cipher.decrypt('7130548');
// '1234567'
cipher with a custom domain ([A-E])
const fpe = require('node-fpe');
const cipher = fpe({ secret: 'secret!', domain: ['A', 'B', 'C', 'D', 'E'] });
cipher.encrypt('BEEBEE');
// 'ABBABB'
cipher.decrypt('ABBABB');
// 'BEEBEE'
Options to pass on to node-fpe are:
secret
: mandatory. a secret used in the underlying hash function.domain
: optional. an array of characters used as the FPE domain. default: 0-9 digits
This module is using the term format-preserving encryption, however it is not a proper fpe implementation. It is basically a substitution cipher, you can use it to scramble and de-scramble strings but it is not recommended to use it with anything sensitive as the encryption is weak.
For fpe, there are other libraries available: