Paper 2021/1171
FAST: Secure and High Performance Format-Preserving Encryption and Tokenization
F. Betül Durak, Henning Horst, Michael Horst, and Serge Vaudenay
Abstract
We propose a new construction for format-preserving encryption. Our design provides the flexibility for use in format-preserving encryption (FPE) and for static table-driven tokenization. Our algorithm is a substitution-permutation network based on random Sboxes. Using pseudorandom generators and pseudorandom functions, we prove a strong adaptive security based on the super-pseudorandom permutation assumption of our core design. We obtain empirical parameters to reach this assumption. We suggest parameters for quantum security. Our design accommodates very small domains, with a radix $a$ from 4 to the Unicode alphabet size and a block length $\ell$ starting 2. The number of Sbox evaluations per encryption is asymptotically $\ell^{\frac32}$, which is also the number of bytes we need to generate using AES in CTR mode for each tweak setup. For instance, we tokenize 10 decimal digits using 29 (parallel) AES computations to be done only once, when the tweak changes.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- A major revision of an IACR publication in ASIACRYPT 2021
- Keywords
- format-preserving encryption
- Contact author(s)
-
durakfbetul @ gmail com
H Horst @ comforte com
m horst @ comforte com
serge vaudenay @ epfl ch - History
- 2021-09-14: received
- Short URL
- https://ia.cr/2021/1171
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/1171,
author = {F. Betül Durak and Henning Horst and Michael Horst and Serge Vaudenay},
title = {FAST: Secure and High Performance Format-Preserving Encryption and Tokenization},
howpublished = {Cryptology ePrint Archive, Paper 2021/1171},
year = {2021},
note = {\url{https://eprint.iacr.org/2021/1171}},
url = {https://eprint.iacr.org/2021/1171}
}
