eSPF: A Family of Format-Preserving Encryption Algorithms Using MDS Matrices

  • Donghoon Chang
  • Mohona Ghosh
  • Arpan Jati
  • Abhishek Kumar
  • Somitra Kumar Sanadhya
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10662)

Abstract

The construction SPF, presented at Inscrypt-2016, was the first known SPN-based format-preserving encryption algorithm. In this work, we significantly improve its performance and flexibility. We term this new construction eSPF. Unlike SPF, all the basic transformations of eSPF are defined over the field \(\mathbb {F}_p\). This allows us to use an MDS matrix instead of the binary matrix used in SPF. The optimal diffusion of the MDS matrix leads to an efficient and secure design. However, this change leads to violations of the message format. To mitigate this, we propose a discarding algorithm that drops the symbols that are not elements of the format, thus preserving it.

We also present a concrete instantiation of eSPF for digits and its comparison with existing FPE algorithms like FFX and SPF. The performance analysis shows that the proposed design is at least 15 times faster than FFX for most of the practical applications.
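As an added illustration (not the paper's code; the field \(\mathbb{F}_{11}\), the decimal-digit format and the 4x4 Cauchy matrix are assumptions, and the discarding step is a plain filter rather than the paper's own algorithm, which this page does not describe), the following shows the two effects the abstract names: an MDS matrix over \(\mathbb{F}_p\), verified by checking that every minor is nonsingular, spreads a one-symbol change into every output symbol, but its outputs can fall outside the digit format, so non-format symbols have to be discarded.

```python
from itertools import combinations

# Assumed parameters for this example (not the paper's): field F_11, format = digits {0..9}.
P = 11
DIGITS = frozenset(range(10))

def det_mod(m, p):
    """Determinant over F_p by Gaussian elimination with row swaps."""
    m, n, det = [r[:] for r in m], len(m), 1
    for c in range(n):
        piv = next((r for r in range(c, n) if m[r][c] % p), None)
        if piv is None:
            return 0
        if piv != c:
            m[c], m[piv] = m[piv], m[c]
            det = -det
        det = det * m[c][c] % p
        inv = pow(m[c][c], -1, p)
        for r in range(c + 1, n):
            f = m[r][c] * inv % p
            m[r] = [(a - f * b) % p for a, b in zip(m[r], m[c])]
    return det % p

def is_mds(m, p):
    """A square matrix is MDS over F_p iff every square submatrix is nonsingular."""
    n = len(m)
    return all(det_mod([[m[r][c] for c in cols] for r in rows], p) != 0
               for k in range(1, n + 1)
               for rows in combinations(range(n), k)
               for cols in combinations(range(n), k))

def cauchy_matrix(xs, ys, p):
    """Entries 1/(x_i - y_j): MDS when the x's are distinct, the y's are distinct and x_i != y_j."""
    return [[pow((x - y) % p, -1, p) for y in ys] for x in xs]

def mat_vec(m, v, p):
    return [sum(a * b for a, b in zip(row, v)) % p for row in m]

def diffusion_weight(m, v1, v2, p):
    """Number of output symbols that differ between M*v1 and M*v2 (n for an MDS M and weight-1 input difference)."""
    return sum(a != b for a, b in zip(mat_vec(m, v1, p), mat_vec(m, v2, p)))

def discard_non_format(symbols, fmt=DIGITS):
    """Drop the elements of F_p that are not in the format; what remains is format-preserving."""
    return [s for s in symbols if s in fmt]

M = cauchy_matrix([0, 1, 2, 3], [4, 5, 6, 7], P)   # 4x4 MDS matrix over F_11

if __name__ == "__main__":
    v = [1, 2, 3, 4]                                  # constructed digit block
    w = mat_vec(M, v, P)
    print("MDS:", is_mds(M, P), "M*v =", w, "kept:", discard_non_format(w))
    print("outputs changed by a one-digit change:", diffusion_weight(M, v, [1, 2, 3, 5], P))
```

Here M*v contains the symbol 10, which is an element of \(\mathbb{F}_{11}\) but not a decimal digit; it is exactly this kind of symbol that a discarding step has to remove.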

Keywords

Format-preserving encryption, MDS matrix, SSN, Cryptanalysis, Substitution-permutation network

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Donghoon Chang (1)
  • Mohona Ghosh (2)
  • Arpan Jati (1)
  • Abhishek Kumar (1)
  • Somitra Kumar Sanadhya (3)
  1. Indraprastha Institute of Information Technology, Delhi, India
  2. Indian Institute of Information Technology Design and Manufacturing, Jabalpur, India
  3. Indian Institute of Technology, Ropar, India