A Generalized Format Preserving Encryption Framework Using MDS Matrices

Journal of Hardware and Systems Security

Abstract

The construction SPF, presented at Inscrypt 2016, was the first known substitution-permutation network (SPN)-based format-preserving encryption (FPE) algorithm. In this work, we present a new family of SPN-based FPE algorithms, eSPF, that significantly improves on the performance and flexibility of SPF. eSPF uses an MDS matrix in place of the binary matrix used in SPF; the optimal diffusion of an MDS matrix leads to an efficient and secure design. However, the matrix multiplication is carried out over a finite field whose elements need not all belong to the message alphabet, so this change can produce symbols that violate the message format. To mitigate this, we propose a discarding algorithm that drops the symbols which are not elements of the format, thus preserving it. We first describe the general eSPF framework and then show how the construction can be adapted to different use cases. We give a detailed analysis of eSPF for four popular concrete instantiations: digits, alphabetic characters, case-insensitive alphanumerics, and case-sensitive alphanumerics, with a security and performance analysis for each. We also compare our construction with existing FPE algorithms such as FFX and SPF and show that the proposed design is approximately ten times faster than FFX for most practical applications.
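The abstract rests on two points that are easy to check by hand on a small instance: that the diffusion matrix really is MDS, and that an MDS layer computed in a field larger than the message alphabet pushes some symbols out of the format. The following is an added example, not code from the eSPF paper, and it does not reproduce the paper's discarding algorithm. Its assumptions are mine: the field is GF(2^4) reduced by x^4 + x + 1, the matrix is a 4x4 Cauchy matrix (MDS by construction), blocks are four symbols wide, and the decimal digits 0..9 are embedded as the field elements 0..9. It verifies the MDS property exhaustively through the branch number and then counts how many digit blocks the diffusion layer alone keeps inside the digit alphabet.

```python
"""GF(2^4) arithmetic, an exhaustive MDS check, and the format violation an
MDS diffusion layer causes on a decimal-digit alphabet.

Added example, not code from the eSPF paper. Assumptions (mine, not the
paper's): the field is GF(2^4) reduced by x^4 + x + 1, the matrix is a 4x4
Cauchy matrix (MDS by construction), blocks are four symbols wide, and the
digits 0..9 are embedded as the field elements 0..9.
"""
from itertools import product

POLY = 0b10011           # x^4 + x + 1 (assumed reduction polynomial)
FIELD = range(16)


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^4): shift-and-add with reduction by POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x10:
            a ^= POLY
        b >>= 1
    return r


# Full 16x16 product table so the exhaustive search below stays fast.
MUL = [[gf_mul(a, b) for b in FIELD] for a in FIELD]


def gf_inv(a: int) -> int:
    """Multiplicative inverse by search; the field has only 16 elements."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^4)")
    return next(b for b in FIELD if MUL[a][b] == 1)


def cauchy_matrix(xs, ys):
    """A[i][j] = 1/(x_i + y_j). Every square submatrix of a Cauchy matrix
    with pairwise distinct parameters is nonsingular, so the result is MDS."""
    assert len(set(xs) | set(ys)) == len(xs) + len(ys), "parameters must be distinct"
    return [[gf_inv(x ^ y) for y in ys] for x in xs]


MDS = cauchy_matrix((0, 1, 2, 3), (4, 5, 6, 7))


def mix(matrix, vec):
    """Matrix-vector product over GF(2^4): the diffusion layer of one SPN round."""
    out = []
    for row in matrix:
        acc = 0
        for m, v in zip(row, vec):
            acc ^= MUL[m][v]
        out.append(acc)
    return tuple(out)


def weight(vec) -> int:
    return sum(1 for s in vec if s)


def branch_number(matrix) -> int:
    """min over nonzero x of wt(x) + wt(Mx). A 4x4 matrix is MDS iff this is 5."""
    n = len(matrix)
    best = 2 * n
    for vec in product(FIELD, repeat=n):
        if any(vec):
            best = min(best, weight(vec) + weight(mix(matrix, vec)))
    return best


def is_mds(matrix) -> bool:
    return branch_number(matrix) == len(matrix) + 1


DIGITS = range(10)  # the message format: decimal digits as field elements 0..9


def in_format(vec) -> bool:
    return all(s in DIGITS for s in vec)


def first_violating_block():
    """First 4-digit block (lexicographic order) whose MDS image contains a
    symbol outside 0..9, i.e. a format violation the discarding step must handle."""
    for block in product(DIGITS, repeat=4):
        if not in_format(mix(MDS, block)):
            return block
    return None


def format_preserving_count() -> int:
    """Number of the 10^4 digit blocks that the MDS layer alone keeps in format."""
    return sum(1 for block in product(DIGITS, repeat=4) if in_format(mix(MDS, block)))


if __name__ == "__main__":
    print("MDS matrix:", MDS)
    print("branch number:", branch_number(MDS), "(5 = MDS for a 4x4 matrix)")
    print("first digit block leaving the format:", first_violating_block())
    print("digit blocks still in format after one MDS layer:",
          format_preserving_count(), "of 10000")
```

The branch number search is the same check a designer runs on any candidate diffusion matrix: a value of n+1 (here 5) means a single active symbol at the input forces all four output symbols active, which is the optimal diffusion the abstract refers to. The count of in-format blocks shows the other side of the trade: with the digit alphabet embedded in a 16-element field, most outputs of the linear layer contain at least one symbol outside 0..9, so any SPN-based FPE over such a field needs a step, like the paper's discarding algorithm, that removes those symbols and whose cost grows with that rejection rate.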

Fig. 1

Notes

  1. Up to 6-input lookup tables.

References

  1. Bellare M, Hoang VT, Tessaro S (2016) Message-recovery attacks on Feistel-based format preserving encryption. Cryptology ePrint Archive, Report 2016/794. http://eprint.iacr.org/2016/794

  2. Bellare M, Ristenpart T, Rogaway P, Stegers T (2009) Format-preserving encryption. In: Jacobson MJ Jr, Rijmen V, Safavi-Naini R (eds) Selected areas in cryptography, 16th annual international workshop, SAC 2009, Calgary, Alberta, Canada, August 13–14, 2009, Revised Selected Papers, Lecture Notes in Computer Science, vol 5867. Springer, pp 295–312

  3. Biham E, Keller N (1999) Cryptanalysis of reduced variants of Rijndael (unpublished manuscript)

  4. Biham E, Shamir A (1990) Differential cryptanalysis of DES-like cryptosystems. In: Menezes A, Vanstone SA (eds) Advances in cryptology - CRYPTO ’90, 10th annual international cryptology conference, Santa Barbara, California, USA, August 11–15, 1990, Proceedings, Lecture Notes in Computer Science, vol 537. Springer, pp 2–21

  5. Biham E, Biryukov A, Shamir A (1999) Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. In: Stern J (ed) Advances in cryptology - EUROCRYPT ’99, international conference on the theory and application of cryptographic techniques, Prague, Czech Republic, May 2–6, 1999, Proceedings, Lecture Notes in Computer Science, vol 1592. Springer, pp 12–23

  6. Biryukov A, Wagner D (2000) Advanced slide attacks. In: Preneel B (ed) Advances in cryptology - EUROCRYPT 2000, international conference on the theory and application of cryptographic techniques, Bruges, Belgium, May 14–18, 2000, Proceedings, Lecture Notes in Computer Science, vol 1807. Springer, pp 589–606

  7. Black J, Rogaway P (2002) Ciphers with arbitrary finite domains. In: Preneel B (ed) Topics in cryptology - CT-RSA 2002, The Cryptographers’ Track at the RSA conference, 2002, San Jose, CA, USA, February 18–22, 2002, Proceedings, Lecture Notes in Computer Science, vol 2271. Springer, pp 114–130

  8. Brier E, Peyrin T, Stern J BPS: a format-preserving encryption proposal. Submission to NIST. http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/bps/bps-spec.pdf

  9. Brightwell M, Smith H (1997) Using datatype-preserving encryption to enhance data warehouse security, pp 141–149. http://csrc.nist.gov/niccs/1997

  10. Chang D, Ghosh M, Gupta KC, Jati A, Kumar A, Moon D, Ray IG, Sanadhya SK (2016) SPF: a new family of efficient format-preserving encryption algorithms. In: Chen K, Lin D, Yung M (eds) Information security and cryptology - 12th international conference, Inscrypt 2016, Beijing, China, November 4–6, 2016, Revised Selected Papers, Lecture Notes in Computer Science, vol 10143. Springer, pp 64–83

  11. Chang D, Ghosh M, Jati A, Kumar A, Sanadhya SK (2017) eSPF: a family of format-preserving encryption algorithms using MDS matrices. In: Ali SS, Danger J, Eisenbarth T (eds) Security, privacy, and applied cryptography engineering - 7th international conference, SPACE 2017, Goa, India, December 13–17, 2017, Proceedings, Lecture Notes in Computer Science, vol 10662. Springer, pp 133–150

  12. Lübeck F Conway polynomials for finite fields. http://www.math.rwth-aachen.de/~frank.luebeck/data/conwaypol/index.html?lang=en

  13. Durak FB, Vaudenay S (2017) Breaking the FF3 format-preserving encryption standard over small domains. Cryptology ePrint Archive, Report 2017/521. http://eprint.iacr.org/2017/521

  14. Dworkin M (2016) Recommendation for block cipher modes of operation: methods for format-preserving encryption. NIST Special Publication 800-38G

  15. Dworkin M (2001) Recommendation for block cipher modes of operation: methods and techniques. NIST Special Publication 800-38A

  16. Granboulan L, Levieil É, Piret G (2006) Pseudorandom permutation families over Abelian groups. In: Robshaw MJB (ed) Fast software encryption, 13th international workshop, FSE 2006, Graz, Austria, March 15–17, 2006, Revised Selected Papers, Lecture Notes in Computer Science, vol 4047. Springer, pp 57–77

  17. Hoang VT, Morris B, Rogaway P (2012) An enciphering scheme based on a card shuffle. In: Safavi-Naini R, Canetti R (eds) Advances in cryptology - CRYPTO 2012 - 32nd annual cryptology conference, Santa Barbara, CA, USA, August 19–23, 2012, Proceedings, Lecture Notes in Computer Science, vol 7417. Springer, pp 1–13

  18. Jean J, Nikolic I, Peyrin T (2014) Tweaks and keys for block ciphers: the TWEAKEY framework. In: Advances in cryptology - ASIACRYPT 2014 - 20th international conference on the theory and application of cryptology and information security, Kaoshiung, Taiwan, R.O.C., December 7–11, 2014, Proceedings, Part II, pp 274–288

  19. Lee J, Koo B, Roh D, Kim W, Kwon D (2014) Format-preserving encryption algorithms using families of tweakable blockciphers. In: Lee J, Kim J (eds) Information security and cryptology - ICISC 2014 - 17th international conference, Seoul, Korea, December 3–5, 2014, Revised Selected Papers, Lecture Notes in Computer Science, vol 8949. Springer, pp 132–159

  20. Liskov M, Rivest RL, Wagner DA (2002) Tweakable block ciphers. In: Yung M (ed) Advances in cryptology - CRYPTO 2002, 22nd annual international cryptology conference, Santa Barbara, California, USA, August 18–22, 2002, Proceedings, Lecture Notes in Computer Science, vol 2442. Springer, pp 31–46

  21. Matsui M (1993) Linear cryptanalysis method for DES cipher. In: Helleseth T (ed) Advances in cryptology - EUROCRYPT ’93, workshop on the theory and application of cryptographic techniques, Lofthus, Norway, May 23–27, 1993, Proceedings, Lecture Notes in Computer Science, vol 765. Springer, pp 386–397

  22. Morris B, Rogaway P, Stegers T (2009) How to encipher messages on a small domain. In: Halevi S (ed) Advances in cryptology - CRYPTO 2009, 29th annual international cryptology conference, Santa Barbara, CA, USA, August 16–20, 2009, Proceedings, Lecture Notes in Computer Science, vol 5677. Springer, pp 286–302

  23. Mouha N, Wang Q, Gu D, Preneel B (2011) Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu C, Yung M, Lin D (eds) Information security and cryptology - 7th international conference, Inscrypt 2011, Beijing, China, November 30–December 3, 2011, Revised Selected Papers, Lecture Notes in Computer Science, vol 7537. Springer, pp 57–76

  24. Ristenpart T, Yilek S (2013) The mix-and-cut shuffle: small-domain encryption secure against N queries. In: Canetti R, Garay JA (eds) Advances in cryptology - CRYPTO 2013 - 33rd annual cryptology conference, Santa Barbara, CA, USA, August 18–22, 2013, Proceedings, Part I, Lecture Notes in Computer Science, vol 8042. Springer, pp 392–409

  25. Rogaway P Evaluation of some blockcipher modes of operation. http://www.cryptrec.go.jp/estimation/techrep_id2012_2.pdf

  26. Schroeppel R, Orman H (1998) The Hasty Pudding Cipher. AES candidate submitted to NIST

  27. Sheets J, Wagner KR (2011) Visa format preserving encryption (VFPE). NIST submission

Acknowledgements

We would like to thank the Department of Science & Technology, Government of India, for supporting this work under the India-Israel bilateral research project. We are also immensely grateful to the anonymous reviewers for their insightful comments.

Funding

This research is supported by Indo-Israel project of Department of Science & Technology (DST), India.

Author information

Corresponding author

Correspondence to Abhishek Kumar.

Electronic supplementary material

Electronic supplementary material for this article is available from the publisher as a PDF (133 KB).


About this article

Cite this article

Chang, D., Ghosh, M., Jati, A. et al. A Generalized Format Preserving Encryption Framework Using MDS Matrices. J Hardw Syst Secur 3, 3–11 (2019). https://doi.org/10.1007/s41635-019-00065-x

  • DOI: https://doi.org/10.1007/s41635-019-00065-x