NIST Publishes New Security Standard For Encrypting Credit Card, Medical Info

  /     /     /  
Publicated : 22/11/2024   Category : security


NIST Publishes New Security Standard For Encrypting Credit Card, Medical Info


NIST published a new cybersecurity standard that specifies format- preserving encryption techniques to secure credit card number and sensitive medical information.



The National Institute of Standards and Technology (NIST) has developed new encryption methods for securing financial data and other sensitive information.
The NIST publication SP 800-38G authored by Morris Dworkin specifies cryptography standards for both binary and non-binary data, preserving the look and feel of the unencrypted digits. Earlier encryption methods designed by NIST worked for binary data. But for strings of decimal numbers, there was no feasible technique to produce coded data that preserves the original format.
How do you transform a string of digits such as a credit card number so that it is indecipherable to hackers, but still has the same length and look—in other words, preserves the format—of the original number, as the software expects? Dworkin said in a NIST post.
The new standard -- Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption -- describes two encryption methods that can help cipher both binary and non-binary sequences of symbols, maintaining the same format as that of the original string. The FF1 and FF3 techniques are aimed at protecting the credit card number during the financial transaction, and can also help secure sensitive medical records.
Though the encryption methods can protect patient’s personal information, Dworkin notes that its still no foolproof security measure. “FPE can facilitate statistical research while maintaining individual privacy, but patient re-identification is sometimes possible through other means,” he said. “You might figure out who someone is if you look at their other characteristics, especially if the patient sample is small enough. So it’s still important to be careful who you entrust the data with in the first place.”
Read more on the new security standard in this 
NIST post.

Last News

▸ New threat discovered: Mobile phone ownership compromised. ◂
Discovered: 23/12/2024
Category: security

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
NIST Publishes New Security Standard For Encrypting Credit Card, Medical Info