eSPF: A Family of Format-Preserving Encryption Algorithms Using MDS Matrices
Abstract
The construction SPF, presented in Inscrypt-2016 was the first known SPN based format-preserving encryption algorithm. In this work, we significantly improve its performance and flexibility. We term this new construction as eSPF. Unlike SPF, all the basic transformations of eSPF are defined under the field \(\mathbb {F}_p\). This allows us to use a MDS matrix instead of the binary matrix used in SPF. The optimal diffusion of MDS matrix leads to an efficient and secure design. However, this change leads to violations in the message format. To mitigate this, we propose a discarding algorithm to drop the symbols that are not the elements of the format thus preserving it.
We also present a concrete instantiation of eSPF for digits and its comparison with existing FPE algorithms like FFX and SPF. The performance analysis shows that the proposed design is at least 15 times faster than FFX for most of the practical applications.
Keywords
Format-preserving encryption MDS matrix SSN Cryptanalysis Substitution-permutation networkReferences
- 1.Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: A 128-bit block cipher suitable for multiple platforms — design and analysis. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 39–56. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44983-3_4 CrossRefGoogle Scholar
- 2.Bellare, M., Hoang, V.T., Tessaro, S.: Message-recovery attacks on Feistel-based format preserving encryption. Cryptology ePrint Archive, report 2016/794 (2016). http://eprint.iacr.org/2016/794
- 3.Bellare, M., Ristenpart, T., Rogaway, P., Stegers, T.: Format-preserving encryption. In: Jacobson, M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 295–312. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-05445-7_19 CrossRefGoogle Scholar
- 4.Biham, E.: New types of cryptanalytic attacks using related keys. In: Helleseth [23], pp. 398–409 (1994)Google Scholar
- 5.Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_2 Google Scholar
- 6.Biham, E., Keller, N.: Cryptanalysis of reduced variants of Rijndael. (1999, unpublished manuscript)Google Scholar
- 7.Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-38424-3_1 CrossRefGoogle Scholar
- 8.Biryukov, A., Wagner, D.: Advanced slide attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 589–606. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_41 CrossRefGoogle Scholar
- 9.Black, J., Rogaway, P.: Ciphers with arbitrary finite domains. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 114–130. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45760-7_9 CrossRefGoogle Scholar
- 10.Brier, E., Peyrin, T., Stern, J.: BPS: a format-preserving encryption proposal, NIST. http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/bps/bps-spec.pdf
- 11.Brightwell, M., Smith, H.: Using datatype-preserving encryption to enhance data warehouse security. vol. PP, pp. 141–149 (1997). http://csrc.nist.gov/niccs/1997
- 12.Chang, D., Ghosh, M., Gupta, K.C., Jati, A., Kumar, A., Moon, D., Ray, I.G., Sanadhya, S.K.: SPF: a new family of efficient format-preserving encryption algorithms. In: Chen, K., Lin, D., Yung, M. (eds.) Inscrypt 2016. LNCS, vol. 10143, pp. 64–83. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54705-3_5 CrossRefGoogle Scholar
- 13.Coppersmith, D., Holloway, C., Matyas, S.M., Zunic, N.: The data encryption standard. Inf. Secur. Tech. Rep. 2(2), 22–24 (1997)CrossRefGoogle Scholar
- 14.Daemen, J., Knudsen, L., Rijmen, V.: The block cipher Square. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052343 CrossRefGoogle Scholar
- 15.Daemen, J., Rijmen, V.: The block cipher Rijndael. In: Quisquater, J.-J., Schneier, B. (eds.) CARDIS 1998. LNCS, vol. 1820, pp. 277–284. Springer, Heidelberg (2000). https://doi.org/10.1007/10721064_26 CrossRefGoogle Scholar
- 16.Daemen, J., Rijmen, V.: The wide trail design strategy. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 222–238. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45325-3_20 CrossRefGoogle Scholar
- 17.Dobraunig, C., Eichlseder, M., Mendel, F.: Square attack on 7-round Kiasu-BC. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 500–517. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39555-5_27 Google Scholar
- 18.Betl Durak, F., Vaudenay, S.: Breaking the FF3 format-preserving encryption standard over small domains. Cryptology ePrint Archive, Report 2017/521 (2017). http://eprint.iacr.org/2017/521
- 19.Dworkin, M.: NIST Special Publication 800–38A: Recommendation for Block Cipher Modes of Operation-Methods and Techniques, December 2001Google Scholar
- 20.Dworkin, M.: Recommendation for block cipher modes of operation: methods for format-preserving encryption, NIST Special Publication, 800:38G (2016)Google Scholar
- 21.Granboulan, L., Levieil, É., Piret, G.: Pseudorandom permutation families over Abelian groups. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 57–77. Springer, Heidelberg (2006). https://doi.org/10.1007/11799313_5 CrossRefGoogle Scholar
- 22.Gupta, K.C., Pandey, S.K., Ray, I.G.: Format preserving sets: on diffusion layers of format preserving encryption schemes. In: Dunkelman, O., Sanadhya, S.K. (eds.) INDOCRYPT 2016. LNCS, vol. 10095, pp. 411–428. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49890-4_23 CrossRefGoogle Scholar
- 23.Helleseth, T. (ed.): EUROCRYPT 1993. LNCS, vol. 765. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7 MATHGoogle Scholar
- 24.Hoang, V.T., Morris, B., Rogaway, P.: An enciphering scheme based on a card shuffle. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 1–13. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_1 CrossRefGoogle Scholar
- 25.Jean, J., Nikolić, I., Peyrin, T.: Tweaks and keys for block ciphers: the TWEAKEY framework. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 274–288. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45608-8_15 Google Scholar
- 26.Lee, J.-K., Koo, B., Roh, D., Kim, W.-H., Kwon, D.: Format-preserving encryption algorithms using families of tweakable blockciphers. In: Lee, J., Kim, J. (eds.) ICISC. LNCS, vol. 8949, pp. 132–159. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-15943-0_9 Google Scholar
- 27.Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31–46. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_3 CrossRefGoogle Scholar
- 28.Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_33 Google Scholar
- 29.Morris, B., Rogaway, P.: Sometimes-recurse shuffle. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 311–326. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_18 CrossRefGoogle Scholar
- 30.Morris, B., Rogaway, P., Stegers, T.: How to encipher messages on a small domain. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 286–302. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_17 CrossRefGoogle Scholar
- 31.Ristenpart, T., Yilek, S.: The mix-and-cut shuffle: small-domain encryption secure against N queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 392–409. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_22 CrossRefGoogle Scholar
- 32.Rogaway, P.: Evaluation of some blockcipher modes of operation. http://www.cryptrec.go.jp/estimation/techrep_id2012_2.pdf
- 33.Schroeppel, R., Orman, H: The hasty pudding cipher. AES candidate submitted to NIST, pp. M1 (1998)Google Scholar
- 34.Sheets, J., Wagner, K.R.: Visa Format Preserving Encryption (VFPE), NIST submission (2011)Google Scholar
- 35.Spies, T.: Feistel finite set encryption, NIST submission, February 2008. http://csrc.nist.gov/groups/ST/toolkit/BCM/modes-development.html