Digest obfuscation for data cryptography

The invention claimed is: 1. A computing device having a hardware processor that provides operations comprising: receiving a target value to be obfuscated in data records received from a data source; hashing the target value using a hashing module to create a hashed value; translating, by the hardware processor, bits of the hashed value according to a sparse bit selection pattern that specifies input data bits, output bit units for the respective input data bits, and bit unit locations within the respective output bit units, the sparse bit pattern including a translation of bits of the hashed value into reordered bit unit groupings sized according to a numeric base of a digit cypher; generating, by the hardware processor, an obfuscated value using the translated bit unit groupings of the hashed value as indices into the digit cypher, the digit cypher including a mapping of the indices to output values in the numeric base; replacing the target value in the data records with the obfuscated value and protecting subscriber-identifiable information, wherein the target value includes a mobile device number, the hashing is performed using SHA-256, and one of: (i) the numeric base is base 64, and the bit unit groupings of the sparse bit pattern include groupings of six bits, and (ii) the numeric base is base 16, and the bit unit groupings of the sparse bit pattern include groupings of four bits. 2. A computing of claim 1 , further configured to provide operations comprising applying a truncation to an output of the hashing module to create a truncated digest value to use as the hashed value. 3. The computing device of claim 1 , further configured to provide operations comprising creating the sparse bit selection pattern based on rules including that (i) for any given output value, no two selected bits of the hashed value are adjacent to one another and (ii) no specific bit of a given input value is mapped to more than one bit of an output value. 4. The computing device of claim 1 , further configured to provide operations comprising at least one of: (i) applying the sparse bit selection pattern to a plurality of portions of the hashed value exceeding the length of the sparse bit selection pattern; and (ii) applying a second sparse bit selection pattern to remainder bits of the hashed value of insufficient length to use the sparse bit selection pattern. 5. The computing device of claim 1 , the digit cypher including each of the possible output values for the numeric base of the digit cypher. 6. A method, comprising: receiving a target value to be obfuscated in data records received from a data source: hashing the target value using a hashing module to create a hashed value; translating, by a hardware processor of a computing device, bits of the hashed value according to a sparse bit selection pattern that specifies input data bits, output bit units for the respective input data bits, and bit unit locations within the respective output bit units, the sparse bit pattern including a translation of bits of the input value into reordered bit unit groupings sized according to a numeric base of a digit cypher; generating, by the hardware processor of the computing device, an obfuscated value using the translated bit unit groupings of the hashed value as indices into the digit cypher, the digit cypher including a mapping of the indices to output values in the numeric base; replacing the target value in the data records with the obfuscated value and protecting subscriber-identifiable information, wherein the target value includes a mobile device number, the hashing is performed using SHA-256, and one of: (i) the numeric base is base 64, and the bit unit groupings of the sparse bit pattern include groupings of six bits, and (ii) the numeric base is base 16, and the bit unit groupings of the sparse bit pattern include groupings of four bits. 7. The method of claim 6 , further comprising applying a truncation to an output of the hashing module to create a truncated digest value to use as the hashed value. 8. The method of claim 6 , further comprising creating the sparse bit selection pattern based on rules including that (i) for any given output value, no two selected bits of the hashed value are adjacent to one another and (ii) no specific bit of a given input value is mapped to more than one bit of an output value. 9. The method of claim 6 , further comprising at least one of: (i) applying the sparse bit selection pattern to a plurality of portions of the hashed value exceeding the length of the sparse bit selection pattern; and (ii) applying a second sparse bit selection pattern to remainder bits of the hashed value of insufficient length to use the sparse bit selection pattern. 10. The method of claim 6 , the digit cypher including each of the possible output values for the numeric base of the digit cypher. 11. A non-transitory computer-readable medium tangibly embodying computer-executable instructions that are executable by a hardware processor of a computing device to provide operations comprising: receiving a target value to be obfuscated in data records received from a data source; hashing the target value using a hashing module to create a hashed value; and translating, by the hardware processor, bits of the hashed value according to a sparse bit selection pattern that specifies input data bits, output bit units for the respective input data bits, and bit unit locations within the respective output bit units, the sparse bit pattern including a translation of bits of the input value into reordered bit unit groupings sized according to a numeric base of a digit cypher; generating, by the hardware processor, an obfuscated value using the translated bit unit groupings of the hashed value as indices into the digit cypher, the digit cypher including a mapping of the indices to output values in the numeric base; replacing the target value in the data records with the obfuscated value and protecting subscriber-identifiable information, wherein the target value includes a mobile device number, the hashing is performed using SHA-256, and one of: (i) the numeric base is base 64, and the bit unit groupings of the sparse bit pattern include groupings of six bits, and (ii) the numeric base is base 16, and the bit unit groupings of the sparse bit pattern include groupings of four bits. 12. The computer-readable medium of claim 11 , further configured to provide operations comprising applying a truncation to an output of the hashing module to create a truncated digest value to use as the hashed value. 13. The computer-readable medium of claim 11 , further configured to provide operations comprising creating the sparse bit selection pattern based on rules including that (i) for any given output value, no two selected bits of the hashed value are adjacent to one another and (ii) no specific bit of a given input value is mapped to more than one bit of an output value. 14. The computer-readable medium of claim 11 , further configured to provide operations comprising at least one of: (i) applying the sparse bit selection pattern to a plurality of portions of the hashed value exceeding the length of the sparse bit selection pattern; and (ii) applying a second sparse bit selection pattern to remainder bits of the hashed value of insufficient length to use the sparse bit selection pattern. 15. The computer-readable medium of claim 11 , the digit cypher including each of the possible output values for the numeric base of the digit cypher.