РОЗРОБКА ДОДАТКУ ДЛЯ ШИФРУВАННЯ ДАНИХ ЗІ ЗБЕРЕЖЕННЯМ ФОРМАТУ.

The paper describes the development of an application for data encryption with format preservation. Basic definitions such as personal information, identifying information are provided. Over the past few years, a growing number of personal data breaches have resulted in the loss of data integrity for hundreds of millions of user records. Such attacks are aimed at both large companies and small businesses. The cyber-attacks aimed at stealing personal data from enterprises and it is ensured due to the negligence of companies regarding the conscious encryption and masking of personal data of employees and customers. The paper reveals the concept of format-preserving data encryption, as the process of encrypting data in such a way that the output data remains in the same format as the input data. Two modes of operation are considered in format-preserving encryption - FF1 and FF3. When analyzing the existing FPE modes with format preservation, the FF3-1 mode was selected due to the ability to solve the problem of encryption on small data domains. FF3-1 mode was implemented in a software application. The work also reveals the concept of pseudonymization and methods of achieving it. Pseudonymization can be achieved using various methods such as data masking, encryption or tokenization. Data masking process change the value of data while leaving its input format. The goal is to create an output that cannot be deciphered or reverse engineered. The method of data masking was implemented. Thus, the main task was to implement methods that would help companies encrypt and mask data with minimal contributions to restructuring and preserving functionality on the fly. In order to achieve the goal of clear pseudonymization, so that the fact of replacing real data is imperceptible, it was decided to modernize the approach to masking and encryption for fields such as first name, last name, and email address. The methods of pseudonymization and data fields masking: first name, last name, and email address, and the use of the FPE method in FF3-1 mode for fields such as phone number and credit card were implemented. An improved method of pseudonymization and masking of data fields is implemented in the software application. [ABSTRACT FROM AUTHOR]