Paper 2015/306

Analysis of VAES3 (FF2)

Morris Dworkin and Ray Perlner

Abstract

The National Institute of Standards and Technology (NIST) specified three methods for format-preserving encryption (FPE) in Draft NIST Special Publication (SP) 800-38G, which was released for public comment in July, 2013. Each method was a mode of operation of the Advanced Encryption Standard (AES). One of the three modes, VAES3, was specified under the name FF2 in the NIST draft. This note describes a theoretical chosen-plaintext attack that shows the security strength of FF2 is less than 128 bits.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
AESformat-preserving encryption
Contact author(s)
dworkin @ nist gov
History
2015-04-06: received
Short URL
https://ia.cr/2015/306
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2015/306,
      author = {Morris Dworkin and Ray Perlner},
      title = {Analysis of {VAES3} ({FF2})},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/306},
      year = {2015},
      url = {https://eprint.iacr.org/2015/306}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.