Title of invention Complex format-preserving encryption scheme
Abstract Methods, computing systems and computer program products implement embodiments of the present invention that include defining multiple primitives, each primitive including ranking and unranking methods. Two or more of the multiple primitives are selected, and an operation is performed on the selected primitives, thereby defining a complex format. Upon an encryption processor receiving a data record comprising a plaintext, the complex format is applied to the plaintext, thereby generating a ciphertext, and the ciphertext is transmitted to a remote computer. Upon receiving the ciphertext, the remote computer can apply the complex format to the received ciphertext, thereby regenerating the plaintext.
Publication number US9634838(B2) Publication date 2017.04.25
Application number US201414296484 Application date 2014.06.05
Applicant International Business Machines Corporation Inventors Rozenberg Boris;Weiss Mor
Classification H04L29/06;H04L9/14;G09C1/00;H04L9/06 Main classification H04L29/06
Patent agency Agent Kligler Daniel
Principal claim 1. A method, comprising: managing, in a memory, a list of format definitions, including multiple primitive formats, each format definition being associated with a respective ranking function and a respective unranking function; receiving, by a computer associated with the memory, indications defining a complex format, the indications including two or more of the format definitions in the managed list and one or more combining operations to be applied to the indicated two or more different format definitions to define the complex format; generating, by the computer, a ranking function and an unranking function for the complex format defined by the received indications, responsive to the received indications and the respective ranking and unranking functions of the indicated format definitions; receiving a data record comprising a plaintext; applying, by an encryption processor, the ranking function of the complex format to the plaintext; encrypting a result of applying the ranking function of the complex format to the plaintext; and applying the unranking function of the complex format to the encryption of the result, thereby generating a ciphertext, wherein the method further comprises specifying a maximum domain size, and upon detecting that the complex format has a format domain size greater than the maximum domain size, splitting the complex format into a plurality of sub-formats, each of the sub-formats having a sub-format domain size less than or equal to the maximum domain size, and dividing, by the encryption processor, the plaintext into multiple sub-plaintexts, each of the sub-plaintexts having a respective sub-format, and wherein applying the ranking function of the complex format to the plaintext comprises applying a ranking function of each of the sub-formats to its respective sub-plaintext, thereby generating a respective sub-ciphertext, and wherein the ciphertext comprises a concatenation of the sub-ciphertexts.
Address Armonk NY US