Format-Preserving Encryption

نویسندگان

Mihir Bellare

Thomas Ristenpart

Phillip Rogaway

Till Stegers

چکیده

Format-preserving encryption (FPE) encrypts a plaintext of some specified format into a ciphertext of identical format—for example, encrypting a valid credit-card number into a valid creditcard number. The problem has been known for some time, but it has lacked a fully general and rigorous treatment. We provide one, starting off by formally defining FPE and security goals for it. We investigate the natural approach for achieving FPE on complex domains, the “rank-then-encipher” approach, and explore what it can and cannot do. We describe two flavors of unbalanced Feistel networks that can be used for achieving FPE, and we prove new security results for each. We revisit the cycle-walking approach for enciphering on a non-sparse subset of an encipherable domain, showing that the timing information that may be divulged by cycle walking is not a damaging thing to leak.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Synopsis of Format-Preserving Encryption

Format-preserving encryption (FPE) encrypts a plaintext of some specified format into a ciphertext of the same format—for example, encrypting a social-security number into a social-security number. In this survey we describe FPE and review known techniques for achieving it. These include FFX, a recent proposal made to NIST.

متن کامل

Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption

This Recommendation specifies three methods for format-preserving encryption, called FF1, FF2, and FF3. Each of these methods is a mode of operation of the AES algorithm, which is used to construct a round function within the Feistel structure for encryption.

متن کامل

Notes on Property - Preserving Encryption

The first type of specialized encryption scheme that can be used in secure outsourced storage we will look at is property-preserving encryption. This is encryption where some desired property of the plaintexts is intentionally leaked by the ciphertexts. The two main examples we will study are deterministic encryption, which preserves the equality property, and order preserving encryption, which...

متن کامل

Practical Solutions For Format-Preserving Encryption

Format Preserving Encryption (FPE) schemes encrypt a plaintext into a ciphertext while preserving its format (e.g., a valid social-security number is encrypted into a valid social-security number), thus allowing encrypted data to be stored and used in the same manner as unencrypted data. Motivated by the always-increasing use of cloud-computing and memory delegation, which require preserving bo...

متن کامل

Analysis of VAES3 (FF2)

This note describes a theoretical chosen-plaintext attack on the VAES3 mode for format-preserving encryption. VAES3 was specified under the name FF2 in Draft NIST Special Publication 800-38G.

متن کامل