About: Format-preserving encryption is a research topic. Over the lifetime, 112 publications have been published within this topic receiving 2050 citations.
Papers published on a yearly basis
TL;DR: This paper presents distinguishing attacks against Feistel-based FPEs and shows how to extend the distinguishing attack on FEA-1 andFEA-2 using 192-bit and 256-bit keys into key recovery attacks with time complexity 2 (for both attacks).
Abstract: Format-Preserving Encryption (FPE) is a method to encrypt non-standard domains, thus allowing for securely encrypting not only binary strings, but also special domains, e.g., social security numbers into social security numbers. The need for those resulted in a few standardized constructions such as the NIST standardized FF1 and FF3-1 and the Korean Standards FEA-1 and FEA-2. Moreover, there are currently efforts both in ANSI and in ISO to include such block ciphers to standards (e.g., the ANSI X9.124 discussing encryption for financial services). Most of the proposed FPE schemes, such as the NIST standardized FF1 and FF3-1 and the Korean Standards FEA-1 and FEA-2, are based on a Feistel construction with pseudo-random round functions. Moreover, to mitigate enumeration attacks against the possibly small domains, they all employ tweaks, which enrich the actual domain sizes. In this paper we present distinguishing attacks against Feistel-based FPEs. We show a distinguishing attack against the full FF1 with data complexity of 2 20-bit plaintexts, against the full FF3-1 with data complexity of 2 20-bit plaintexts. For FEA-1 with 128-bit, 192-bit and 256-bit keys, the data complexity of the distinguishing attack is 2, 2, and 2 8-bit plaintexts, respectively. The data complexity of the distinguishing attack against the full FEA-2 with 128-bit, 192-bit and 256-bit is 2, 2, and 2 8-bit plaintexts, respectively. Moreover, we show how to extend the distinguishing attack on FEA-1 and FEA-2 using 192-bit and 256-bit keys into key recovery attacks with time complexity 2 (for both attacks).
••01 Jan 2018
TL;DR: A Format Preserving Encryption method by accumulating with Advance encryption standard (AES), eXclusive OR operation and a translation method for 16 digit numeric data is proposed.
Abstract: In the current scenario data security has become an important issue with the growth of digital media. Many users and the applications are accessing the data both from inside and outside the database. Hence, the database as well as data within these databases has become the key target for most of the attackers. Many cryptographic schemes have been designed to solve this problem. Encryption plays an important role in providing the data confidentiality to data stored within the databases. But, the problem in adopting the standard encryption methods is that they may cause a damage to the existing schema as well as to the underlying applications or database as the output length is different from the input length and it also changes the format of data. This paper proposes a Format Preserving Encryption method by accumulating with Advance encryption standard(AES), eXclusive OR operation and a translation method for 16 digit numeric data. Format preserving encryption technique is used to minimizes the databases changes by preserving the format as well as the length of the input data.
••19 Aug 2018
TL;DR: The security deficiencies in the NIST SP800-38G standard have been highlighted by Bellare, Hoang, Tessaro, CCS ’16; Durak and Vaudenay, CRYPTO ’17 as mentioned in this paper.
Abstract: Format-preserving encryption (FPE) produces ciphertexts which have the same format as the plaintexts. Building secure FPE is very challenging, and recent attacks (Bellare, Hoang, Tessaro, CCS ’16; Durak and Vaudenay, CRYPTO ’17) have highlighted security deficiencies in the recent NIST SP800-38G standard. This has left the question open of whether practical schemes with high security exist.
TL;DR: The rigorous analysis on cycle-walking's properties including consistency, security, and efficiency is presented and it is shown that cycle- Walking would not degrade the security of underlying ciphers.
Abstract: Cycle-walking is a method that makes sure ciphertext falls in the acceptable range through encrypting plaintext repeatedly with some underlying cipher. This technology provides a general way to construct cryptographic schemes for various interesting applications, including enhancing existing system security without the change of original structure, encrypting multimedia data with the preservation of scalability, generating credit card numbers for Web transaction, and so on, which have a common feature that ciphertext is required to satisfy certain restrictions in order to allow some operations directly imposed on encrypted data. Nevertheless, as far as we know, there exists little work making rigorous analysis on cycle-walking, especially its undeterministic efficiency, which may limit the application of schemes constructed by such technology or even lead it to unpracticality. In this paper, aiming at filling some gaps about cycle-walking and helping cryptographic theory “catch up” with its application, we present the rigorous analysis on cycle-walking's properties including consistency, security, and efficiency. On consistency, we show that cycle-walking will necessarily arrive back with finite iteration rounds and its decryption reverses encryption. On security, we show that cycle-walking would not degrade the security of underlying ciphers. On efficiency, instead of using “nondeterministic” to describe cycle-walking's performance in previous work, we make precise analysis and provide the answer to “how long is the duration of cycle-walking's encrypting process.” Copyright © 2012 John Wiley & Sons, Ltd.
TL;DR: The paper introduces the application scopes of FPE and points out that performance, integrity authentication and key problems of database encryption with FPE, such as making range query and arithmetic operation on encrypted data, are the major problems to be solved in the future.
Abstract: The paper reviews the current research situation of FPE(format-preserving encryption) including basic constructing methods,encryption modes and securityWhen describing the basic constructing methods,it introduces the basic principles of Prefix,Cycle-Walking and Generalized-Feistel and their application scopesWhen explaining the encryption modes,it mainly analyzes the construction features of FPE modes or schemes,introduces the principles of three classical modes,summarizes the different types of Feistel networks and presents an overview of their applications in FPEWhen talking about the security,it describes the security notions of FPE and their corresponding games,analyzing the relationship among themIn the end,it introduces the application scopes of FPE and points out that performance,integrity authentication and key problems of database encryption with FPE,such as making range query and arithmetic operation on encrypted data,are the major problems to be solved in the futureAll these works will play a role in promoting research of format-preserving encryption