Integrated Intelligent Research (IIR) International Journal of Computing Algorithm

Volume: 04 Issue: 01 June 2015 Pages:49-53

ISSN: 2278-2397

Format Preserving Encryption for Small Domain

S.Vidhya1,K.Chitra2
1
Research Scholar, Department of Computer Science and Applications, SCSVMV University, Kancheepuram, Tamilnadu, India
2
Assistant Professor, Department of Computer science, Govt. Arts college, Melur, Madurai, Tamilnadu, India.
Email: [email protected], [email protected]

Abstract-Cryptography is important in communicating secured column, which contains the credit Custid, Custname and Credit
information that is vulnerable to distortion. The main goal of this card number.
paper is encrypting the small arbitrary length data without any /* Create a table Customer_detail */
changes in the length and data type. We propose a flexible arbitrary Create table Customer_detail (Custidint,
length small domain block cipher (FPESD). FPESD is based on AES
Algorithm. The resulting cipher text is the same as input plaintext.
Custtnamevarchar(25), Credicardnuminteger(16);
Here, we use Galois finite field GF (28) and format preserving key to /* Display the content of Customer_detail */
implement FPE. For decryption format preserving key is used along Select * from Customer_detail;
with cipher text and secret key. /* Create index to locate and retrieve data faster and more
efficient */
Keywords -Format Preserving Encryption, Small domain, AES CTR, Create index idindex on Customer_detail(Credicardnum);
Credit Card Number Encryption
Table1. Database Before Encryption
I. INTRODUCTION
Custid Custname Creditcardnum
There is a need for privacy of sensitive data before data are 1 N.S.Velu 1234567878901245
shared with any cloud provider, client server etc. Sensitive data 2 S.Ushadevi 7661234567199887
fields having well defined data formats[1]. While designing
3 S.Dhivya 3456789897890124
privacy for sensitive fields, it may be desirable to maintain the
length and format of the inputs, in order to avoid any re-
Electronic Code Book (ECB) mode is used to encrypt our
constructions of packet formats or database columns of
database column. This mode does not require any initialization
existing system. We propose a traditional AES cipher with
vector. This mode requires our input should be multiple of 8
CTR mode along with format preserving key[2].
bytes [5].The following queries are required to update
Customer_detail table after encryption.
II. NEED FOR FPE
/* Add columns which will hold the encrypted data in binary */
 In normal encryption, the length and format of thePlaintext
AltertableCustomer_detail add
was entirely changed.
EncryptedCreditCardNumvarbinary(128);
 The database structure was also changed by the encrypted /* Update new column with encrypted data */
column. Update Customer_detail set EncryptedCreditCardNum =
 The reconstruction of database is a very difficult process. encryptbykey(‘Symmetrickey’, Creditcardnum);
 If randomization was used in the encryption algorithm then /* Drop the original column */
referential integrity of the data base was also affected.
 Special problems arise when encrypted data is indexed. The Alter table Customer_detail drop column Creditcardnum;
index of the column contains encrypted values and then the The original column and decrypted column have different type.
index is unusable for encrypted data. The conversion function is required to get the original data
 An encryption algorithm not only alters the structure of the type.
table it also alters the queries passed to the database.
Changing of database and queries are complex tasks and /* Drop the index */
also cost prohibitive. Drop index idindex;

III. IMPACT OF NORMAL ENCRYPTION An index is useless for encrypted column, so it is removed.
ON DATABSES AND QUERIES Select Custid, Custname, convert (varchar(20), decryptbykey
(Encrypted CreditCardNum ) ) fromCustomer_detail;
Most of the block ciphers support length preserving
encryption. N bit block is mapped into another N bit block. But After completing all the encryptions, our database schema will
the data type of cipher text is not same as plain text. Format be changed to store the encrypted value. The corresponding
preserving encryption is a combination of length and data type queries that handle the credit card number will also be
preserving encryption.We give an example to encrypt credit changed[11]. Cryptographic operations, required to store
card number in stored in the data base. Create a sensitive data securely, need more amount of arithmetic
Customer_detail a table which contains credit card details of calculations. Coupled with bad block cipher choice, expensive
the customers. Our task is to protect this data by encrypting the cryptographic operations needed for querying and processing
1
Integrated Intelligent Research (IIR) International Journal of Computing Algorithm
Volume: 04 Issue: 01 June 2015 Pages:49-53
ISSN: 2278-2397

encrypted data could decrease the system performance

dramatically. To avoid such impacts we introduce format
preserving encryption to produce cipher text as like as plaintext
in length and format[6].
Table 2. Database after Encryption

Cus Custna Encrypted CreditCardNum

tid me
1 N.S.Ve 0BDC16E6A797C535C49F67688C6D4E21
lu D3F36088C206C85A
2 S.Usha 0BDC16E6A777C534264AF5FD1E8BD57
devi 0DDD44E842A72C00B
3 S.Dhiv 5408551E9C4A0F8FC49F67688C6D4E21
ya D3F36088C206C95A

IV. FPE USING AES BLOCK CIPHER

All the existing format preserving algorithms used arbitrary

length cipher mostly Feistelcipher[7]. In our proposed FPESD
we introduce most secured AES cipher with CTR mode. CTR Fig1 : FPESD Encryption Algorithm
mode can handle messages of arbitrary length. Unlike other V. FPESD ALGORITHM
common modes of operation, handling messages of arbitrary
bit-length is made trivial. No bits are wasted in doing this—the The proposed FPESD algorithm is based on AES algorithm. At
cipher text C is of the same length as the plaintext M. An the end of the AES algorithm some calculations are added to
arbitrary length feature is especially useful for small domain produce the cipher text which is same as plaintext[8]. Along
encryption[3]. with cipher text the format preserving key is also produced. It
is stored along with the initial vector IV.In this paper we
A. Advantages of CTR Mode illustrate how to apply our proposed system to encrypt credit
1. CTR-mode encryption enables effective utilization of the card numbers.
ofthearchitectural features such as parallel processing,
pipelining, multiple instruction dispatch per, many A. Generating 128 – bit Symmetric key
registers, and SIMD instructions[5]. An AES key is nothing more than a random bit string of the
2. CTR model is fully parallelizable: one can be computing right length. For a 128-bit AES key we need 16 bytes. The
blocks C1rC2, . . rall at the same time. strength of the key depends on the unpredictability of the
3. With CTR mode, both encryption and decryption depend random.For example AES Key in hex
000102030405060708090a0b0c0d0e0f.
only on E—neither depends on the inverse map, D = E 1.
So D need not be implemented. Table 3 : Aes Key
4. No plaintext expansion is needed. Cipher text can be
truncated to plaintext length.
K0 K4 K8 K12
5. The CTR mode of operations treats the blocks
independently, so there is no propagation of error from one K1 K5 K9 K13
block to another. K2 K6 K10 K14
K3 K7 K11 K15

Table 4: Aes Key Example

00 04 08 0c
01 05 09 0d
02 06 0a 0e
03 07 0b 0f

B. Generating 128 – bit Initial Vector

An initialization vector (IV) is arandom number and used
along with a symmetric key for data encryption. This number,
also called a nonce, is used only one time in any session. The
use of an IV prevents duplication in data encryption, making it
more difficult for a hacker to find patterns and break a cipher
text.
2
Integrated Intelligent Research (IIR) International Journal of Computing Algorithm
Volume: 04 Issue: 01 June 2015 Pages:49-53
ISSN: 2278-2397

Table5 :Initial Vector Iv

3E E5 D3 EE
0F A6 BF A6
57 63 F1 3E
EE F1 D3 0F

C. Plaintext
The input for encryption algorithm is a single 128 bit block.
The input is represented as a square matrix of bytes. The block
is copied to state array. The ordering of bytes in a matrix is by
column. The first four bytes occupied the first column; the
second four bytes occupied the second column and so on. The
same procedure is followed for key also. The state array is
represented as follows.
Table 6 :Aes Plaintext

S0 S1 S2 S3
S4 S5 S6 S7
S8 S9 S10 S11
S12 S13 S14 S15
For example using any padding technique with 16 digit credit
card number to represent 32 digit hex is
3EE5D3EE0FA6BFA65763F13EEEF1D30F. Each hex is
converted to 4 bit binary number. Totally we have 128 bit.

Table 7: Aes Plaintext Example

Figure:1
3E E5 D3 EE
0F A6 BF A6
57 63 F1 3E
EE F1 D3 0F

D. AES Encryption
The IV/nonce and the counter can be combined by XOR to
produce the actual unique counter block for encryption.

3E E5 D3 EE

0F A6 BF A6

57 63 F1 3E

EE F1 D3 0F

Fig 2.AES Data Structures

Table:8

Table 9 :SubByte Transformation

3
Integrated Intelligent Research (IIR) International Journal of Computing Algorithm
Volume: 04 Issue: 01 June 2015 Pages:49-53
ISSN: 2278-2397

CTR supports parallelization because you can split the

message into blocks, each chunk having a range of counter
values associated with it, and encrypt (or decrypt) each block
independently

The cipher begins with an AddRoundKey step and nine

rounds. Each round includes all four steps, and a final round
includes only three steps. Four different steps are used, one for
permutation and three for substitution: E. FPESD Encryption
 Substitute bytes At the end of tenth round of AES cipher we get 128 bit (16
 ShiftRows bytes ) cipher text. The following steps are used to implement
 MixColumns format preserved cipher text that converts 128 bit into 16
 AddRoundKey decimal digits.

A. Substitute bytes
AES defines a 16 x 16 matrix called S-Box. Each element in a
matrix represents byte values. Each individual byte of State is
converted into a new byte in the following way: The leftmost 4
bits of the byte indicate row index and the rightmost 4 bits
indicate column index. These row and column values provide
indexes into the S-box to select a byte as output value. S-box
is constructed using multiplicative inverse of Galois finite field
GF(28).SubByte transformation for the given example is as
follows

B. ShiftRows
The first row of State is not shifted. From the second row to
fourth row circular left shift is performed. For the second row 1
byte, third row 2 bytes, fourth row 3 bytes are shifted. The
following is an example of ShiftRows:
Input :
C. MixColumns
MixColumns, operates on each column separately. Each byte
128 bit cipher text S & 128 bit key K
of a column is converted into a new byte that is a function of
Output : 16 digits and Format preserving Key F.
all four bytes in that column. The result can be defined by the
following matrix multiplication in GF(28) on State.
1. Set i and sum value to 0.
2. Select i th byte from state array(si) and i th byte from
Table:10 mix columns
expanded key(ki).
3. Calculate ei = siki
4. The resultant ei is applied to s-box and we get the new
cipher text nci
5. Calculate the decimal equivalent of nci.
6. Di = decimal(nci)mod 10 and
F[i]=tochar(decimal(nci)/10)
7. Calculate sum = sumx10+di
D. AddRoundKey Transformation
8. Increment i value with 1 .
The 128 bits of State are XORed with the 128 bits of the key.
9. Repeat from step 2 to step 7 until I value becomes 16.
The operation is viewed as a column wise operation between
10. The sum variable contains format preserved cipher
the 32 bits of a State column and one word of the round
text.(16 decimal digits) and array F contains Format
key.The following is an example of Addroundkey
preserving key.
Transformation.
Table:11

4
Integrated Intelligent Research (IIR) International Journal of Computing Algorithm
Volume: 04 Issue: 01 June 2015 Pages:49-53
ISSN: 2278-2397

The IV must be random and unpredictable. The IV can be VIII. CONCLUSION

made public. The format preserving Key F is stored along with
the key. Even cryptanalysis find out IV and F, they cannot FPE is an emerging technique in cryptographic field.
break the cipher without the secret key K. Especially it is useful for encrypting credit card numbers and
social security numbers. Using Format preserving Encryption
VI. TEST VECTORS the data base schema and applications related to the database
will never changed. The cost and time for changing the data
The FPESD encryption Algorithm contains 16 iterations. For base is minimized.
simplicity,iteration for each algorithm is explained below. At
the end of the 16th iteration the character array F contains REFERENCES
[1] Gary C.Kessler, “An overview of Cryptography “,21 January 2015 .
Format Preserving Key. It is stored along with the initial vector [2] Thomas Ristenpart, Scott Yilek, Advances in Cryptology – CRYPTO
IV. 2013, Lecture Notes in Computer Science Volume 8042, 2013, pp 392-
For example 409 The Mix-and-Cut Shuffle: Small-Domain Encryption Secure against
K5 = 2c N Queries
[3] Helger Lipmaa ,Phillip Rogaway,Comments to NIST concerning AES
S5 = 05 Modes of Operations: CTR-Mode Encryption
e5 = 2c 05= 29 [4] Sashank Dara and Scott Fluhrer , Advanced Encryption Standard (AES)
New InstructionsSet FNR : Arbitrary length small domain block cipher
proposal.
[5] White Paper Shay Gueron Mobility Group, Israel Development Center
Intel Corporation
[6] M. Bellare, T. Ristenpart, P. Rogaway, and T. Stegers. Format preserving
encryption. SAC 2009. LNCS 5867,Springer, 2009.
nc5 = a5 [7] V. Hoang and P. Rogaway. On generalized Feistel networks. Conference
version of this paper. CRYPTO 2010,Springer, 2010.
d5 = decimal (a5) mod 10 [8] Format Preserving Encryption Terence SpiesVoltage Security, Inc.
= 165 mod 10 = 5 [9] Phillip Rogaway , A Synopsis of Format-Preserving Encryption
F[5]= 165 / 10 = 16 (ordinal position of an alphabet) = p [10] Vidhya.S and Dr.K.Chitra “Format Preserving Encryption using Feistel
Cipher” in International Conference on Research Trends in Computer
Technologies ( ICRTCT - 2013) Proceedings published in International
VII. PERFORMANCE ANALYSIS OF FPESD Journal of Computer Applications® (IJCA) (0975 –8887).
[11] Stephen Tu M. Frans Kaashoek Samuel Madden Nickolai Zeldovich
1. Existing block cipher AES is used only once. It requires MITCSAIL, Processing Analytical Queries over Encrypted Data
only small amount of additional work to implement FPE. [12] S.Vidhya and Dr.K.Chitra , “Securing Data at Rest using Format
Preserving Encryption using Pass phrase”,International review on
2. The input length is not restricted by the block length. Computers and Softwares (IRECOS) V9.N.5 ISSN 1828 – 6003. May
3. The duration of ciphering is deterministic. 2014.
4. Instead of original key if we are using expanded key in [13] Morris Dworkin, Recommendation for Block Cipher Modes of Operation:
FPE Algorithm then it is more complex to break. Methods for Format-Preserving Encryption
5. Indexing Technique can be applied for encrypted data.

The following chart represents number of block cipher

encryption to encrypt credit card number[12].

Fig 4.Performance Analysis Graph

Cycle walking and Feistel network requires block cipher with
54 bit block. The number of bits required to represent 16 digits
decimal number is minimum 54 bits. If we are using more
secured AES-128 block cipher then the numbers of iterations
are also increased. For cycle walking the cycle length for aes-
128 is 274.(128 – 54 = 74)[13].
Our proposed system requires only minimum number of
encryptions compared with other existing techniques.