Cryptology ePrint Archive: Report 2009/257

FORMAT CONTROLLING ENCRYPTION USING DATATYPE PRESERVING ENCRYPTION

Ulf T. Mattsson

Abstract: Datatype-Preserving Encryption (DTP) enables encryption of values within a certain character set into ciphertext restricted to the same set, while still keeping data length. This is in contrast to conventional block cipher modes which produce binary data, i e each encrypted character may have an arbitrary value, possibly outside the original character set, often accompanied with a length expansion caused by padding.

Format-Controlling Encryption (FCE) is an extension to DTP, for which data length still is kept, but the output character range is allowed to be larger, though not covering the range of all possible values (i e binary data). With FCE it is possible to handle certain DTP limitations, like limited key rotation and integrity support.

Category / Keywords: secret-key cryptography / block ciphers

Publication Info: Not published

Date: received 4 May 2009

Contact author: ulf mattsson at protegrity com

Available formats: PDF | BibTeX Citation

Note: I'd like to publish this paper for comment.

Regards, Ulf Ulf Mattsson Chief Technology Officer Protegrity Corporation 203 428 4521 (office) 203 326 7200 (main) 203 570 6919 (mobile) One Canterbury Green 10th Floor Stamford, CT 06901 Visit Us At www.protegrity.com

Version: 20090601:153638 (All versions of this report)

Discussion forum: Show discussion | Start new discussion