All Products
Search

This Product

    Dataphin:Security algorithm description

    Document Center

    Dataphin:Security algorithm description

    Last Updated:Jun 23, 2026

    Dataphin supports multiple security algorithms for encryption and decryption, hashing, and masking.

    Description of encryption and decryption security algorithms

    Algorithm name

    Algorithm description

    RSA native private key encryption/decryption

    RSA is an asymmetric encryption algorithm that uses separate keys for encryption and decryption, providing enhanced security.

    FPE format-preserving encryption/decryption (FF1)

    A symmetric encryption method that preserves the plaintext format after encryption and decryption. It requires no changes to the database schema, and the computed data can still participate in calculations. This method is commonly used in financial services or applications that must comply with data privacy standards.

    AES native encryption/decryption

    AES is a symmetric encryption algorithm that uses the same key for encryption and decryption.

    3DES native encryption/decryption, DES native encryption/decryption

    3DES and DES are symmetric encryption algorithms that use the same key for encryption and decryption.

    FPE format-preserving native encryption/decryption (FF1)

    A symmetric encryption method that preserves the plaintext format after encryption and decryption. It requires no changes to the database schema, and the computed data can still participate in calculations. This method is commonly used in financial services or applications that must comply with data privacy standards.

    RSA native public key encryption/decryption

    RSA is an asymmetric encryption algorithm that uses separate keys for encryption and decryption, providing enhanced security.

    SM2 native public key encryption

    SM2 is an asymmetric encryption algorithm that uses separate keys for encryption and decryption, providing enhanced security.

    SM2 native private key decryption

    SM2 is an asymmetric encryption algorithm that uses separate keys for encryption and decryption, providing enhanced security.

    SM4 native encryption/decryption

    SM4 is a symmetric encryption algorithm that uses the same key for encryption and decryption.

    Description of masking security algorithms

    Algorithm name

    Algorithm description

    Chinese name

    Desensitizes the surname in a Chinese name, retaining only the given name.

    Chinese name (given name masking)

    Desensitizes the given name in a Chinese name, retaining only the surname.

    Mobile phone

    Desensitizes mobile phone numbers.

    Mobile phone (hidden length)

    Desensitizes mobile phone numbers with a configurable masking length.

    Landline

    Desensitizes landline numbers.

    Landline (hidden length)

    Desensitizes landline numbers with a configurable masking length.

    ID card number

    Desensitizes ID card numbers.

    ID card number (hidden length)

    Desensitizes ID card numbers with a configurable masking length.

    Bank card number

    Desensitizes bank card numbers.

    Bank card number (hidden length)

    Desensitizes bank card numbers with a configurable masking length.

    Address

    Desensitizes addresses.

    Email

    Desensitizes email addresses.

    Example: Input username@example.com, output u***@example.com.

    Taobao nickname

    Desensitizes Taobao nicknames.

    Example: Input Taobao talent 001, output Tao***1.

    Birthday

    Example: Input 2019-08-15, output ****-08-15.

    Keyword replacement

    Masks a string at positions that match a regular expression. Takes three parameters: the string to mask, a regular expression that identifies the portion to mask, and a replacement string. For example, given string1, exp, and string2, the portion of string1 that matches exp is replaced with string2.

    Custom mask

    Masks a string at custom positions. Parameters are specified in pairs: each pair (n, m) masks the characters from position n to position m.

    Custom mask (custom replacement value)

    Masks a string at custom positions with a custom replacement value. Parameters are specified in groups of three: each group (n, m, k) replaces the characters from position n to position m with k.

    Description of hashing security algorithms

    Algorithm name

    Algorithm description

    SHA256

    SHA256 produces a 256-bit (64-character hexadecimal) hash result.

    SHA384

    SHA384 produces a 384-bit (96-character hexadecimal) hash result.

    SHA512

    SHA512 produces a 512-bit (128-character hexadecimal) hash result.

    Salted SHA256

    SHA256 with an added salt value for stronger security. Salting effectively prevents dictionary attacks. Produces a 256-bit (64-character hexadecimal) hash result.

    Salted SHA384

    SHA384 with an added salt value for stronger security. Salting effectively prevents dictionary attacks. Produces a 384-bit (96-character hexadecimal) hash result.

    Salted SHA512

    SHA512 with an added salt value for stronger security. Salting effectively prevents dictionary attacks. Produces a 512-bit (128-character hexadecimal) hash result.

    MD5

    MD5 produces a 128-bit (32-character hexadecimal) hash result.

    Salted MD5

    MD5 produces a 128-bit (32-character hexadecimal) hash result.

    Base64

    Base64 encodes binary data using 64 printable characters. Because Base64-encoded data can be directly decoded, it provides minimal security.

    Description of other security algorithms

    Algorithm name

    Algorithm description

    Gaussian noise

    Applies Gaussian noise to numeric fields. Takes a numeric input and outputs a randomized value that follows a Gaussian distribution.