About: Format-preserving encryption is a research topic. Over the lifetime, 112 publications have been published within this topic receiving 2050 citations.
Papers published on a yearly basis
••10 Jul 2015
TL;DR: In this paper, the authors explore the feasibility of adopting Format Preserving Encryption (FNR) for SQL-aware encrypted databases and propose a storage efficient SQLaware encrypted database that preserves the format of the fields.
Abstract: We propose storage efficient SQL-aware encrypted databases that preserve the format of the fields. We give experimental results of storage improvements in CryptDB using FNR encryption scheme. We explore the feasibility of adopting Format Preserving Encryption for SQL-aware encrypted databases.
21 Jan 2016
TL;DR: In this paper, a policy broker is disclosed that maintains keys for clients in confidence, while providing cryptographically secure ciphertext as tokens that the clients may use in their systems as though they were the unencrypted data.
Abstract: Encrypting data without losing their format is important in computing systems, because many parties using confidential data rely on systems that require specific formatting for data. Information security depends on the systems and methods used to store and transmit data as well as the keys used to encrypt and decrypt those data. A policy broker is disclosed that maintains keys for clients in confidence, while providing cryptographically secure ciphertext as tokens that the clients may use in their systems as though they were the unencrypted data. Tokens are uniquely constructed for each client by the policy broker based on policies set by a receiving client detailing the formatting needs of their systems. Each client may communicate with other clients via the policy broker with the tokens and will send tokens unique to their system that the policy broker will translate into the tokens of the other party.
••04 Nov 2016
TL;DR: Format-Preserving Encryption is a symmetric key cryptographic primitive that is used to achieve this functionality and almost all the existing FPE schemes are based on Feistel construction and have efficiency issues.
Abstract: Commonly used encryption methods treat the plaintext merely as a stream of bits, disregarding any specific format that the data might have. In many situations, it is desirable and essential to have the ciphertext follow the same format as the plaintext. Moreover, ciphertext length expansion is also not allowed in these situations. Encryption of credit card numbers and social security numbers are the two most common examples of this requirement. Format-Preserving Encryption (FPE) is a symmetric key cryptographic primitive that is used to achieve this functionality. Initiated by the work of Black and Rogaway (CT-RSA 2002), many academic solutions have been proposed in literature that have focused on designing efficient FPE schemes. However, almost all the existing FPE schemes are based on Feistel construction and have efficiency issues.
TL;DR: The main novelty of this work is a new block cipher operation mode proposal to implement an FPE algorithm in a stream cipher fashion, called CTR-MOD, based on a standard block cipher working in CTR (Counter) mode and a modulo operation.
Abstract: In some encryption systems it is necessary to preserve the format and length of the encrypted data. This kind of encryption is called FPE (Format Preserving Encryption). Currently, only two AES (Advanced Encryption Standard) modes of operation recommended by the NIST (National Institute of Standards and Technology) are able to implement FPE algorithms, FF1 and FF3. These modes work in an electronic codebook fashion and can be configured to encrypt databases with an arbitrary format and length. However, there are no stream cipher proposals able to implement FPE encryption for high data rate information flows. The main novelty of this work is a new block cipher operation mode proposal to implement an FPE algorithm in a stream cipher fashion. It has been called CTR-MOD and it is based on a standard block cipher working in CTR (Counter) mode and a modulo operation. The confidentiality of this mode is analyzed in terms of its IND- CPA (Indistinguishability under Chosen Plaintext Attack) advantage of any adversary attacking it. Moreover, the encryption scheme has been implemented on an FPGA (Field Programmable Gate Array) and has been integrated in a Gigabit Ethernet interface to test an encrypted optical link with a real high data rate traffic flow.