Skip to main content

Block Cipher Modes of Operation for Heterogeneous Format Preserving Encryption

  • Conference paper
  • First Online:
Information Security Practice and Experience (ISPEC 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10701))

Abstract

Format-preserving encryption (FPE), a kind of symmetric encryption, has caught a great deal of attention of late years. FPE, as the name suggests, does not change the format of inputs which may include the length of inputs, coding of characters or data size of inputs. It is very useful to encrypt or generate some data with fixed format such as credit card numbers (CCN), social security numbers (SSN) or even address. With this encryption, we can add encryption to existing applications without changing structures including input-output format or decreasing those performance. In this work we develop and discuss block cipher modes of operation for FPE which are applicable for messages consisting of multibyte characters and their securities. This paper also gives a way to implement these modes for the format consisting of characters encoded by EUC or UTF-8 and its performance. Formats consisting of multibyte characters – we call those “heterogeneous formats” – are very important in many countries including Japan where “Kanji” or other multibyte characters are used. In addition, this paper gives an efficient way to encrypt messages of such formats and modes of operations to realize a high performance encryption algorithm.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    We assume that the maximum entropy described in Sect. 2.1 of characters in plaintexts is smaller than s.

  2. 2.

    The entropy of the last block may be a little bigger than 2s with a little possibility.

References

  1. Agbeyibor, R., Butts, J., Grimaila, M., Mills, R.: Evaluation of format-preserving encryption algorithms for critical infrastructure protection. In: Butts, J., Shenoi, S. (eds.) ICCIP 2014. IAICT, vol. 441, pp. 245–261. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45355-1_16

    Google Scholar 

  2. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: Proceedings of The 38th Annual Symposium on Foundations of Computer Science (FOCS 1997), pp. 394–405. IEEE (1997)

    Google Scholar 

  3. Black, J., Rogaway, P.: Ciphers with arbitrary finite domains. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 114–130. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45760-7_9

    Chapter  Google Scholar 

  4. Bellare, M., Ristenpart, T., Rogaway, P., Stegers, T.: Format-preserving encryption. In: Jacobson, M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 295–312. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-05445-7_19

    Chapter  Google Scholar 

  5. Bellare, M., Ristenpart, T., Rogaway, P., Stegers, T.: The FFX mode of operation for Format-preserving encryption. NIST submission (2010)

    Google Scholar 

  6. Brier, E., Peyrin, T., Stern, J.: BPS: a format-preserving encryption proposal. NIST submission (2010)

    Google Scholar 

  7. Brightwell, M., Smith, H.: Using datatype-preserving encryption to enhance data warehouse security. In: Proceedings of the Twentieth National Information Systems Security Conference (1997)

    Google Scholar 

  8. Morris, B., Rogaway, P., Stegers, T.: How to encipher messages on a small domain. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 286–302. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_17

    Chapter  Google Scholar 

  9. Ma, H.Y., Liu, Z.L., Jia, C.F., Yuan, K.: Generalized format-preserving encryption for character data. Science paper Online (2013)

    Google Scholar 

  10. NIST Special Publication 800–38G: Recommendation for Block Cipher Modes of Operation - Methods for Format-Preserving Encryption, March 2016

    Google Scholar 

  11. Rogaway, P.: A Synopsis of Format-Preserving Encryption (2010)

    Google Scholar 

  12. Spies, T.: Format Preserving Encryption. Voltage Security, Cupertino, California (2008)

    Google Scholar 

  13. Spies, T.: Feistel Finite Set Encryption Mode. National Institute of Standards and Technology, Gaithersburg (2008)

    Google Scholar 

  14. Vance, J.: VAES3 Scheme for FFX: An Addendum to the FFX Mode of Operation for Format Preserving Encryption. National Institute of Standards and Technology, Gaithersburg (2011)

    Google Scholar 

  15. Vance, J., Bellare, M.: An extension of the FF2 FPE Scheme. Submission to NIST, July 2014

    Google Scholar 

  16. Weiss, M., Rozenberg, B., Barham, M.: Practical solutions for format-preserving encryption. arXiv:1506.04113

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Toshiya Shimizu .

Editor information

Editors and Affiliations

Appendices

A Example of Encryption

Here, we give an example of an encryption data with EUC coding. Parameter settings are just as mentioned in Sect. 5 and the mode is 2. The key K, initial vector \(\mathrm {IV}\), tweak T, plaintext and ciphertext are as follows;

figure f

Note that we didn’t use the permutation option for this encryption.

B Implementation for UTF-8

We give a way to construct an FPE algorithm for UTF-8 encoding. As mentioned in Sect. 5, all we have to do is to define rank functions and chara functions for UTF-8. Other algorithms do not depend on the character codes once we define such functions. Here we give an example of such constructions.

We use only 1-byte characters, 2-byte characters and 3-byte characters for simplification. Accordingly, we define three sets \(C_{\mathrm {utf8}, 1}\), \(C_{\mathrm {utf8}, 2}\), \(C_{\mathrm {utf8}, 3}\) consisting of 1-byte, 2-byte and 3-byte characters, respectively, the sizes of which are 95, 127 and 27880.

Table 3. UTF-8 2- byte codes
Table 4. UTF-8 3 byte “Kanji” codes
Table 5. UTF-8 3-byte codes

1-Byte. Rank and chara functions for \(C_{\mathrm {utf8}, 1}\) are constructed in the exactly similar way as those for EUC-JP.

2-Byte. To avoid the use of platform dependent characters, we use only characters appeared in 2-byte characters in EUC-JP. Then we can give a table for defining the rank and chara functions for \(C_{\mathrm {utf8}, 2}\). The algorithm for these functions is the same as shown in Algorithms 4 and 5. An example of table is given in Table 3

3-Byte. It is a little more complicated to define a table for 3-byte characters. We define two subsets \(C_{\mathrm {utf8}, 3.1}\), \(C_{\mathrm {utf8}, 3.2}\) of \(C_{\mathrm {utf8}, 3}\) which are a set containing no “Kanji” and set containing only “Kanji”. For simplification, we use only characters appeared in 2-byte characters in EUC-JP for \(C_{\mathrm {utf8}, 3.1}\). The table for this set is given in Table 5. We also use only CJK “Kanji” and CJK “Kanji” A appeared in Unicode 1.1 for simplification. The table for this set is showed in Table 4. The rank and chara functions are easily constructed from these tables.

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Shimizu, T., Shimoyama, T. (2017). Block Cipher Modes of Operation for Heterogeneous Format Preserving Encryption. In: Liu, J., Samarati, P. (eds) Information Security Practice and Experience. ISPEC 2017. Lecture Notes in Computer Science(), vol 10701. Springer, Cham. https://doi.org/10.1007/978-3-319-72359-4_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-72359-4_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-72358-7

  • Online ISBN: 978-3-319-72359-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics