Paper 2009/257

FORMAT CONTROLLING ENCRYPTION USING DATATYPE PRESERVING ENCRYPTION

Ulf T. Mattsson

Abstract

Datatype-Preserving Encryption (DTP) enables encryption of values within a certain character set into ciphertext restricted to the same set, while still preserving data length. This is in contrast to conventional block cipher modes, which produce binary data, i.e., each encrypted character may have an arbitrary value, possibly outside the original character set, often accompanied by a length expansion caused by padding. Format-Controlling Encryption (FCE) is an extension to DTP in which data length is still preserved, but the output character range is allowed to be larger, though not covering the range of all possible values (i.e., binary data). With FCE it is possible to handle certain DTP limitations, such as limited key rotation and integrity support.

Note: I'd like to publish this paper for comment. Regards, Ulf Mattsson, Chief Technology Officer, Protegrity Corporation

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Not published
Keywords
block ciphers
Contact author(s)
ulf mattsson @ protegrity com
History
2009-06-01: received
Short URL
https://ia.cr/2009/257
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/257,
      author = {Ulf T.  Mattsson},
      title = {{FORMAT} {CONTROLLING} {ENCRYPTION} {USING} {DATATYPE} {PRESERVING} {ENCRYPTION}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/257},
      year = {2009},
      url = {https://eprint.iacr.org/2009/257}
}