Cryptology ePrint Archive: Report 2009/251

Format-Preserving Encryption

Mihir Bellare and Thomas Ristenpart and Phillip Rogaway and Till Stegers

Abstract: Format-preserving encryption (FPE) encrypts a plaintext of some specified format into a ciphertext of identical format—for example, encrypting a valid credit-card number into a valid creditcard number. The problem has been known for some time, but it has lacked a fully general and rigorous treatment.We provide one, starting off by formally defining FPE and security goals for it.We investigate the natural approach for achieving FPE on complex domains, the “rank-then-encipher” approach, and explore what it can and cannot do. We describe two flavors of unbalanced Feistel networks that can be used for achieving FPE, and we prove new security results for each. We revisit the cycle-walking approach for enciphering on a non-sparse subset of an encipherable domain, showing that the timing information that may be divulged by cycle walking is not a damaging thing to leak.

Category / Keywords: secret-key cryptography / credt-card encryption, format-preserving encryption

Publication Info: Selected Areas in Cryptography 2009

Date: received 30 May 2009, last revised 30 Dec 2009

Contact author: tristenp at cs ucsd edu

Available format(s): PDF | BibTeX Citation

Note: Fixed typos, some text that got erroneously included in previous version, and inconsistencies between sections.

Version: 20091231:042340 (All versions of this report)

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]