**Cycle Slicer: An Algorithm for Building Permutations on Special Domains**

*Sarah Miracle and Scott Yilek*

**Abstract: **We introduce an algorithm called Cycle Slicer that gives new solutions to two important problems in format-preserving encryption: domain targeting and domain completion. In domain targeting, where we wish to use a cipher on domain $\mathcal{X}$ to construct a cipher on a smaller domain $\mathcal{S} \subseteq \mathcal{X}$, using Cycle Slicer leads to a significantly more efficient solution than Miracle and Yilek's Reverse Cycle Walking (ASIACRYPT 2016) in the common setting where the size of $\mathcal{S}$ is large relative to the size of $\mathcal{X}$. In domain completion, a problem recently studied by Grubbs, Ristenpart, and Yarom (EUROCRYPT 2017) in which we wish to construct a cipher on domain $\mathcal{X}$ while staying consistent with existing mappings in a lazily-sampled table, Cycle Slicer provides an alternative construction with better worst-case running time than the Zig-Zag construction of Grubbs et al. Our analysis of Cycle Slicer uses a refinement of the Markov chain techniques for analyzing matching exchange processes, which were originally developed by Czumaj and Kutylowski (Rand. Struct. \& Alg. 2000).

**Category / Keywords: **format-preserving encryption, small-domain block ciphers, Markov chains, matchings

**Original Publication**** (in the same form): **IACR-ASIACRYPT-2017

**Date: **received 7 Sep 2017, last revised 7 Sep 2017

**Contact author: **syilek at stthomas edu

**Available format(s): **PDF | BibTeX Citation

**Version: **20170913:212656 (All versions of this report)

**Short URL: **ia.cr/2017/873

[ Cryptology ePrint archive ]