The Encryption Function provides secure data masking capabilities utilizing a cipher. Users can select the input data and encrypt them using the desired algorithm. All entered fields are processed according to the user input configuration and transformed following the adopted standards of the chosen algorithm. To restore the original field data the Decryption Function must be used.


To configure the Encryption Function, specify details in the following sections:

Input Fields

Select the encrypted fields that you want to encrypt from the connected processor Function. You can also specify a new input field in Fields and click + Add to add it to the list.

Currently, the supported value types are string, number, boolean, and date.

Encryption Scheme

Use the Secrets Wallet toggle to select a Key that you have stored in your Secrets Wallet. 

Encryption Algorithm

Select a suitable encryption algorithm.  You can select an encryption algorithm of your choice from the list below. Currently, the following types are supported: 

  • AES-256-GCM
  • AES-256-CTR 
  • AES-256-CBC

All encryption/decryption algorithms are implemented according to official specifications, for more information on how data is processed refer to the released documentation on the matter.

AES-256-GCM is discussed in the NIST (National Institute of Standards and Technology) SP (Special Publication) 800-30D on Computer Security. AES-256 is documented in the FIPS (Federal Information Processing Standards) Publication 197 on AES