Format-preserving encryption

About: Format-preserving encryption is a research topic. Over the lifetime, 112 publications have been published within this topic receiving 2050 citations.

Format preserving encryption methods for data strings with constraints

Abstract: Format preserving encryption (FPE) cryptographic engines are provided for performing encryption and decryption on strings. A plaintext string may be converted to ciphertext by repeated application of a format preserving encryption cryptographic algorithm. Following each application of the format preserving cryptographic algorithm, the resulting version of the string may be analyzed to determine whether desired string constraints have been satisfied. If the string constraints have not been satisfied, further applications of the format preserving cryptographic algorithm may be performed. If the string constraints have been satisfied, the current version of the string may be used as an output for the cryptographic engine.

A Synopsis of Format-Preserving Encryption

Abstract: Format-preserving encryption (FPE) encrypts a plaintext of some specified format into a ciphertext of the same format—for example, encrypting a social-security number into a social-security number. In this survey we describe FPE and review known techniques for achieving it. These include FFX, a recent proposal made to NIST.

Message-Recovery Attacks on Feistel-Based Format Preserving Encryption

Abstract: We give attacks on Feistel-based format-preserving encryption (FPE) schemes that succeed in message recovery (not merely distinguishing scheme outputs from random) when the message space is small. For $4$-bit messages, the attacks fully recover the target message using $2^{21}$ examples for the FF3 NIST standard and $2^{25}$ examples for the FF1 NIST standard. The examples include only three messages per tweak, which is what makes the attacks non-trivial even though the total number of examples exceeds the size of the domain. The attacks are rigorously analyzed in a new definitional framework of message-recovery security. The attacks are easily put out of reach by increasing the number of Feistel rounds in the standards.

Encryption and decryption techniques using shuffle function

Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.

Evaluation of Format- Preserving Encryption Algorithms for Critical Infrastructure Protection

Abstract: Legacy critical infrastructure systems lack secure communications capabilities that can protect against modern threats. In particular, operational requirements such as message format and interoperability prevent the adoption of standard encryption algorithms. Three new algorithms recommended by the National Institute of Standards and Technology (NIST) for format-preserving encryption could potentially support the encryption of legacy protocols in critical infrastructure assets. The three algorithms, FF1, FF2 and FF3, provide the ability to encrypt arbitrarily-formatted data without padding or truncation, which is a critical requirement for interoperability in legacy systems. This paper presents an evaluation of the three algorithms with respect to entropy and operational latency when implemented on a Xilinx Virtex-6 (XC6VLX240T) FPGA. While the three algorithms inherit the security characteristics of the underlying Advanced Encryption Standard (AES) cipher, they exhibit some important differences in their performance characteristics.