Joel C. Ewing pointed out that FPEd data won't compress quite as well as un-FPEd since repeated characters will not be repeated in the ciphertext. This is no doubt true, although some number of random repeats will occur in the ciphertext as well.
He wrote: >Unless by format-preserving data protection you mean an encryption >technique that preserves repeated characters (like blanks) and repeated >combinations of characters, then NO, it will not compress well after >encryption. <snip> You're thinking whole-data set again, though; format-preserving data protection is not used on whole data sets, it's used on fields in structured data. So while yes, it will compress slightly less well, repeated occurrences of the same field will certainly match, and blanks are not usually part of the protected character set. (I'm talking about NIST-approved modes like FF1, BTW.) So in your described case, compression will take a big hit; in an actual use case, not as much, although there will likely be some loss of compressibility. Format-preserving data protection really involves a different way of thinking about data and data protection. I hate having to say that, as it sounds like marketing BS, but after more than eleven years of working with it, I have come to accept it. .phsiii P.S. This is a great discussion! ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
