npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

node-fe1-fpe

v1.0.0-beta.2

Published

Node.js implementation of the FE1 Format Preserving Encryption algorithm.

Downloads

168

Readme

node-fe1-fpe ( beta )

A ~~dependency-free~~ Node.js implementation of Format Preserving Encryption.

Build Status npm version Coverage Status Known Vulnerabilities License: MIT

Theory

Format preserving encryption (FPE) refers to a set of techniques for encrypting data such that the ciphertext has the same format as the plaintext. For instance, you can use FPE to encrypt credit card numbers with valid checksums such that the ciphertext is also an credit card number with a valid checksum, or similarly for bank account numbers, US Social Security numbers, or even more general mappings like English words onto other English words.

To encrypt an arbitrary value using FE1, you need to use a ranking method. Basically, the idea is to assign an integer to every value you might encrypt. For instance, a 16 digit credit card number consists of a 15 digit code plus a 1 digit checksum. So to encrypt a credit card number, you first remove the checksum, encrypt the 15 digit value modulo 1015, and then calculate what the checksum is for the new (ciphertext) number. Or, if you were encrypting words in a dictionary, you could rank the words by their lexicographical order, and choose the modulus to be the number of words in the dictionary.

Implementation

Current implementation uses the FE1 scheme from the paper "Format-Preserving Encryption" by Bellare, Rogaway, et al.

Ported from java-fpe which was ported from DotFPE which was ported from Botan Library.

Installation

npm install --save node-fe1-fpe

Basic usage

const fe1 = require('node-fe1-fpe');

// in possible values of 0-10000 encrypt the value of 1.
const encryptedValue = fe1.encrypt(10001, 1, 'my-secret-key', 'my-non-secret-tweak'); // 4984
const decryptedValue = fe1.decrypt(10001, encryptedValue, 'my-secret-key', 'my-non-secret-tweak'); // 1

Alternatively you could pass a buffer instance instead of string key (this allows reading the keys from files).

const fe1 = require('node-fe1-fpe');

// just an example, buffer would ideally come file.
const secretKeyBuffer = Buffer.from('my-secret-key', 'utf16le');

// in possible values of 0-10000 encrypt the value of 1.
const encryptedValue = fe1.encrypt(10001, 1, secretKeyBuffer, 'my-non-secret-tweak'); // 4984
const decryptedValue = fe1.decrypt(10001, encryptedValue, secretKeyBuffer, 'my-non-secret-tweak'); // 1

Considerations

The implementation is as stable as a rock for a modulus up to 10 000 000. It is designed this way because of speed concerns. For larger range, the matter needs to be discussed with the corresponding developers.

Todo

  • [X] Proper tests
  • [X] Documentation
  • [X] Speed optimizations

License

Copyright © 2017-8 eCollect AG. Licensed under the MIT license.