BookmarkSubscribeRSS Feed
AlexBennasar
Obsidian | Level 7

Hi all!

I've been programming with SAS in my job for 6 years. One thing I miss in Base SAS is the functionality of encrypting a single value or a collection of them, like a variable in a dataset. I'm not talking about hashing a variable, nor encrypting the entire dataset...I want to genuinely encrypt and decrypt values, with AES, PKCS, etc.

I have initiated a project to develop code (100% SAS code) to implement this functionality. For now, the basic AES  algorithm for encrypting and decrypting basic 128 bits-lengh blocks is done. You can encrypt them with a single macro call:

 

 

/* Message to be encrypted */
%let message=00112233445566778899aabbccddeeff;
%put NOTE: Original message: &message;

/* Encryption with a 128-bit key */
%let key128=000102030405060708090a0b0c0d0e0f;
%let cryptogram128=%cipherAES(&message, &key128);
%put NOTE: Message encrypted with 128-bit key: &cryptogram128;

and then decrypt with another call:

 

/* Decryption with a 128-bit key */
%let messageDecrypted128=%invCipherAES(&cryptogram128, &key128);
%put NOTE: Message decrypted with 128-bit key: &messageDecrypted128;

The encryption key can have 3 lengths: 128, 192 and 256 bit, according to the AES:

/* Encryption with a 192-bit key */
%let key192=000102030405060708090a0b0c0d0e0f1011121314151617;
%let cryptogram192=%cipherAES(&message, &key192);
%put NOTE: Message encrypted with 192-bit key: &cryptogram192;

/* Encryption with a 256-bit key */
%let key256=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f;
%let cryptogram256=%cipherAES(&message, &key256);
%put NOTE: Message encrypted with 256-bit key: &cryptogram256;

These macros are, in fact, macrofunctions, but they can encrypt the N values of a dataset variable too:

/* Compute cryptograms and store them in macrovar */
proc sql noprint;
	select '%cipherAES('||m||','||k||')' into :cryptograms separated by ' ' from testMessages;
quit;

The project is a work in progress. To be fully functional, it will be needed at least:

  • a key derivation function
  • a block cypher mode of operation
  • a padding scheme

For now, the AES protocol implementation is all I have done. The project can be found here:

 

https://github.com/AlexBennasar/Crypto-SAS 

 

Maybe this project will be interesting/useful for somebody!

7 REPLIES 7
SASKiwi
PROC Star

@AlexBennasar  - This is great, but I think you should post this in the Community Library as an article to get better visibility. You can do that here: SAS Support Communities 

AlexBennasar
Obsidian | Level 7

Sure, unfortunately I still can't create an article there 😞 but thanks for that feedback! I'll do it in near future, I hope

SASKiwi
PROC Star

@AlexBennasar - Maybe someone can sort that out for you. Calling @ShelleySessoms ...

AlexBennasar
Obsidian | Level 7
Thanks for your help!
ShelleySessoms
Community Manager

The article is live now: https://communities.sas.com/t5/SAS-Communities-Library/Variable-value-encryption-in-SAS/ta-p/822231

It's time to register for SAS Innovate! Join your SAS user peers in Las Vegas on April 16-19 2024.
Ksharp
Super User
It is awesome. As SASKiwi said it would be better to post this in the Community Library.
AlexBennasar
Obsidian | Level 7

Thanks for the feedback! I'll post it there whenever I can

sas-innovate-2024.png

Available on demand!

Missed SAS Innovate Las Vegas? Watch all the action for free! View the keynotes, general sessions and 22 breakouts on demand.

 

Register now!

How to Concatenate Values

Learn how use the CAT functions in SAS to join values from multiple variables into a single value.

Find more tutorials on the SAS Users YouTube channel.

Click image to register for webinarClick image to register for webinar

Classroom Training Available!

Select SAS Training centers are offering in-person courses. View upcoming courses for:

View all other training opportunities.

Discussion stats
  • 7 replies
  • 1058 views
  • 4 likes
  • 4 in conversation