A. A. Grusho, D. V. Smirnov, E. E. Timonina, S. Ya. Shorgin, “Enhanced tokenization algorithm for personal data protection”, Sistemy i Sredstva Inform., 2021, Volume 31, Issue 4,Pages <nobr>135

This article is cited in 1 paper

Enhanced tokenization algorithm for personal data protection

A. A. Grusho^a, D. V. Smirnov^b, E. E. Timonina^a, S. Ya. Shorgin^a

^a Federal Research Center "Computer Science and Control" of the Russian Academy of Sciences, 44-2 Vavilov Str., Moscow 119133, Russian Federation
^b Sberbank of Russia, 19 Vavilov Str., Moscow 117999, Russian Federation

Abstract: Tokenization is one of the methods of depersonalizing personal data. This method is a bijective replacement of fragments of personal data with random elements of a certain set. One of the weaknesses of personal data protection through tokenization is the possibility of statistically assessing the probabilities of the occurrence of protected fragments of personal data. The paper proposes a method of enhancing tokenization algorithms which allows overcoming this weakness. The enhanced tokenization algorithm is slightly different in complexity from other algorithms. At the same time, the enhanced algorithm can be used both in cases of tokenization by replacing alphabets describing various fragments of personal data and in cases where personal data are divided into fragments of the same length and converted into fragments of the same length but in other alphabets.

Keywords: information security, depersonalization of personal data, tokenization, mathematical statistics.

Received: 23.09.2021

DOI: 14357/08696527210411