Pseudonymization method that generates deterministic encryption for the
given input. Outputs a base64 encoded representation of the encrypted
output. Uses AES-SIV based on the RFC
https://tools.ietf.org/html/rfc5297.
The custom info type to annotate the surrogate with. This
annotation will be applied to the surrogate by prefixing it
with the name of the custom info type followed by the number
of characters comprising the surrogate. The following scheme
defines the format: (): For example, if the name of custom
info type is 'MY_TOKEN_INFO_TYPE' and the surrogate is
'abc', the full replacement value will be:
'MY_TOKEN_INFO_TYPE(3):abc' This annotation identifies the
surrogate when inspecting content using the custom info type
'Surrogate'. This facilitates reversal of the surrogate when
it occurs in free text. In order for inspection to work
properly, the name of this info type must not occur naturally
anywhere in your data; otherwise, inspection may either -
reverse a surrogate that does not correspond to an actual
identifier - be unable to parse the surrogate and result in
an error Therefore, choose your custom info type name
carefully after considering what your data looks like. One way
to select a name that has a high chance of yielding reliable
detection is to include one or more unicode characters that
are highly improbable to exist in your data. For example,
assuming your data is entered from a regular ASCII keyboard,
the symbol with the hex code point 29DD might be used like so:
⧝MY_TOKEN_TYPE