Browse Prior Art Database

Instance based format preserving encryption and tokenization Disclosure Number: IPCOM000244284D
Publication Date: 2015-Nov-30
Document File: 6 page(s) / 90K

Publishing Venue

The Prior Art Database


The idea is to provide a format preserving encryption/tokenization scheme for instances without any a priori knowledge on the format of the data. We ?generalize? the trivial method (see Background). Given instance string ?x?, we define format. The format contains all the strings with the same structure as ?x?. Meaning the strings within the format contains small letter where ?x? contains small letter, special characters remain untouched, etc.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 37% of the total text.

Page 01 of 6

Instance based format preserving encryption and tokenization

Encryption/Tokenization schemes are used to protected data privacy, e.g., when transmitted over insecure channels or stored on unreliable servers. However, standard encryption/tokenization schemes (such as AES) can significantly alter the data format, causing disruptions both in storing and using the data. Indeed, when storing devices and applications are designed to operate on unencrypted/untokenized data they may not be able to operate on encrypted/tokenized data. Consequently, format-preserving Encryption/Tokenization (FPE/FPT) schemes, namely schemes which encrypted/tokenized messages into ciphertexts/token with the same format, have emerged as a most useful tool in applied cryptography. A trivial method for format preserving encryption/Tokenization is to encrypt/tokenize each small letter to get a small letter, capital letter to capital letter, digit to digit or special character to special character. This method has no priory assumption/any kind of configuration or pre-computation for the encryption/tokenization. One disadvantage of the trivial solution is that letters/digits will be encrypted to the same letters/digits under the same key. (i.e., assume that 'e' will be encrypted to 'c', then 'ee' will be encrypted to 'cc'). So, adversary can use this property to reveal information about the original text. She always can say how many times exactly a letter appears in the original text (without knowing the letter itself). Another disadvantage is because a letter encrypted to a letter and not encrypted a string as one value, then the adversary can guess the original letter with probability = 1/26.

One of the first attempts for format preserving encryption schemes was in the context of integral domains (namely, when the message domain is

                                        for some ) [3], later works considered for FPE design. First, the cycle walking strategy of Black and Rogaway [4] constructs an FPE for format from any FPE for a format such that . The encryption algorithm for repeatedly applies the encryption algorithm of , until the cipher text is if . (Decryption is repeated until reaching a valid string in ) For example, an FPE scheme for credit-card numbers can use cycle-walking on AES (which is an FPE for ).

Second, the Rank-then-Encipher (RtE) method suggested by Bellare et al. [2] reduces the task of designing an FPE for format to the task of designing and FPE for an integral domain. (In particular, the RtE framework allows one to apply the same encryption logic to all formats, thus eliminating the need to design specially-tailored encryption schemes for every format.) More specifically, a format of size is arbitrary ordered as

                                         , and encryption (decryption) is based on an integer-FPE (i.e., for an integral domain), where a string is encrypted in three steps, called ranking, integer-encryption, and unranking. First the index such that is found; then is encrypted into an index , using the integ...