Format-preserving encryption

Abstract: Format-preserving encryption (FPE) encrypts a plaintext of some specified format into a ciphertext of identical format--for example, encrypting a valid credit-card number into a valid credit-card number. The problem has been known for some time, but it has lacked a fully general and rigorous treatment. We provide one, starting off by formally defining FPE and security goals for it. We investigate the natural approach for achieving FPE on complex domains, the "rank-then-encipher" approach, and explore what it can and cannot do. We describe two flavors of unbalanced Feistel networks that can be used for achieving FPE, and we prove new security results for each. We revisit the cycle-walking approach for enciphering on a non-sparse subset of an encipherable domain, showing that the timing information that may be divulged by cycle walking is not a damaging thing to leak.

Abstract: A method of protecting a digital work uses a format preserving encryption scheme to encrypt the digital work. This enables any native replay application or rendering application to transform an encrypted digital work into encrypted presentation data. The originator's digital content is protected in its original form by not being decrypted. This method enables the rendering or replay application to process the encrypted document into encrypted presentation data without decrypting it first. Encrypted presentation data is then decrypted just before it is displayed to the user. An additive encryption scheme is a particular type of encryption scheme which preserves formatting of a digital work.

Abstract: Key requests in a data processing system may include identifiers such as user names, policy names, and application names The identifiers may also include validity period information indicating when corresponding keys are valid When fulfilling a key request, a key server may use identifier information from the key request in determining which key access policies to apply and may use the identifier in determining whether an applicable policy has been satisfied When a key request is authorized, the key server may generate a key by applying a one-way function to a root secret and the identifier Validity period information for use by a decryption engine may be embedded in data items that include redundant information Application testing can be facilitated by populating a test database with data that has been encrypted using a format-preserving encryption algorithm Parts of a data string may be selectively encrypted based on their sensitivity

Abstract: A data processing system is provided that includes format-preserving encryption and decryption engines. A string that contains characters has a specified format. The format defines a legal set of character values for each character position in the string. During encryption operations with the encryption engine, a string is processed to remove extraneous characters and to encode the string using an index. The processed string is encrypted using a format-preserving block cipher. The output of the block cipher is post-processed to produce an encrypted string having the same specified format as the original unencrypted string. During decryption operations, the decryption engine uses the format-preserving block cipher in reverse to transform the encrypted string into a decrypted string having the same format.