Topic
Format-preserving encryption
About: Format-preserving encryption is a research topic. Over the lifetime, 112 publications have been published within this topic receiving 2050 citations.
Papers published on a yearly basis
Papers
More filters
Patent•
11 Jan 2016TL;DR: In this article, an input string can be divided into blocks (potentially of varying length) and an arrangement of cryptographic pipelines can perform operations on different blocks, each pipeline providing an output block.
Abstract: Systems, apparatuses, and methods are provided for fast format-preserving encryption. An input string can be divided into blocks (potentially of varying length). An arrangement of cryptographic pipelines can perform operations on different blocks, each pipeline providing an output block. The cryptographic pipelines can interact such that the output blocks are dependent on each other, thereby providing strong encryption. The pipelines can operate efficiently on the block and operations can occur partly in parallel.
4 citations
01 Jul 2017
TL;DR: A construction for integer which is based on the unbalanced Feistel network is suggested, which improves the performance by reducing the probability of cycle-walking and shows that it's practical and secure.
Abstract: To protect the confidentiality of information system, encryption techniques are essential and widely used. However, the encryption with a traditional block cipher may cause a damage to the application or database due to the format changing. Format-preserving encryption (FPE) plays an important role in practice, especially for the integer. We studied the problems on applying FPE for integer, specifically the low performance caused by cycle-walking. In this paper, we suggest a construction for integer which is based on the unbalanced Feistel network. It improves the performance by reducing the probability of cycle-walking. Besides, we analyze the security and performance. The result shows that it's practical and secure.
4 citations
TL;DR: The RREM (random reference-based encryption mode), which constructs bijection between the original domain and integer set through distance computation, can solve the FPE problem on linear equidistance domain in a more efficient way than previous methods.
Abstract: Format-preserving encryption (FPE), which makes sure that ciphertext has the same format as plaintext, has been widely used in protecting sensitive data in a database. Aiming at efficiently solving the FPE problem on a collection of practical domains, we propose the RREM (random reference-based encryption mode), which constructs bijection between the original domain and integer set through distance computation. If an appropriate distance function is predefined, the proposed mode can solve the FPE problem on linear equidistance domain in a more efficient way than previous methods. Furthermore, we make a classification on various types of domains, show the application of RREM in some practical domains, and specify RREM’s capability of solving the FPE problem on frequently-used fields in database quite efficiently.
4 citations
Patent•
IBM1
TL;DR: A data security method including creating a token including plaintext by including a predefined token into a plaintext, generating a cyphertext by encrypting the token-including plaintext using format-preserving encryption, and decrypting an input text, determining whether the decrypted cyphtext includes a first predefined word, if the decryption does not include the first word as mentioned in this paper.
Abstract: A data security method including creating a token-including plaintext by including a predefined token into a plaintext, generating a cyphertext by encrypting the token-including plaintext using format-preserving encryption, generating a decrypted cyphertext by decrypting an input text, determining whether the decrypted cyphertext includes a first predefined token, if the decrypted cyphertext includes the first predefined token, recreating the plaintext by removing the first predefined token from the decrypted cyphertext, and if the decrypted cyphertext does not include the first predefined token, using the input text as the plaintext.
4 citations
01 Nov 2019
TL;DR: The vulnerabilities of data-masking techniques that preserve the format of data are discussed and two industrial datasets are investigated and analysed to investigate the potential data privacy leakage that could arise from using inappropriate data masking techniques.
Abstract: With the growing number of regulations and concerns regarding data privacy, there is an increasing need for protecting Personally Identifiable Information (PII). A widely-used approach to protect PII is to apply data-masking techniques in order to remove or hide the identities of the individuals referred to in the data under investigation. A particular class of data-masking techniques aims at preserving the format of the source data, so as to allow using encoded data where the corresponding source is expected, thereby minimising application changes to perform tasks such as statistical analysis or testing. Various encoding techniques are used to protect data privacy while preserving the format, including Format-Preserving Encryption (FPE) and masking out. Even though convenient, preserving the format of data might lead to re-identification attacks. In this paper, we discuss the vulnerabilities of data-masking techniques that preserve the format of data and analyse their security and privacy properties. We investigate two industrial datasets and quantify the potential data privacy leakage that could arise from using inappropriate data masking techniques.
4 citations