微信服务号

微信订阅号

2025年4月24日 0:46 星期四
首页 > 过刊浏览>2012年第23卷第1期 >152-170. DOI:10.3724/SP.J.1001.2012.04096
PDF HTML阅读 XML下载 导出引用 引用提醒
保留格式加密技术研究
作者:
基金项目:

国家自然科学基金(60973141); 天津市自然科学基金(09JCYBJ00300); 高等学校博士学科点专项科研基金(20100031110030); 网络安全与密码技术福建省高校重点实验室开放课题(2011004); 中央高校基本科研业务费专项资金


Research on the Format-Preserving Encryption Techniques
Author:
  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [45]
    • |
  • 相似文献 [20]
    • |
  • 引证文献
    • | |
  • 文章评论
    摘要:

    围绕基本构建方法、加密模型和安全性等方面,对保留格式加密(format-preserving encryption,简称FPE)的研究现状进行了综述.在基本构建方法方面,介绍了Prefix,Cycle-Walking 和Generalized-Feistel 方法的工作原理及适用范围;在加密模型方面,分析了FPE 模型或方案所呈现的构造特点,介绍了典型模型的工作原理,总结了Feistel网络的类型及其在FPE 中的应用情况;在安全性方面,描述了保留格式加密的安全目标及相关的游戏模型,分析了各安全目标之间的关系.最后介绍了保留格式加密的应用领域,指出性能、完整性认证以及FPE 在数据库加密应用中如何对密文进行范围查询、算术运算将是进一步需要解决的问题.这些研究工作将对保留格式加密的研究起到一定的促进作用.

    Abstract:

    The paper reviews the current research situation of FPE (format-preserving encryption) including basic constructing methods, encryption modes and security. When describing the basic constructing methods, it introduces the basic principles of Prefix, Cycle-Walking and Generalized-Feistel and their application scopes. When explaining the encryption modes, it mainly analyzes the construction features of FPE modes or schemes, introduces the principles of three classical modes, summarizes the different types of Feistel networks and presents an overview of their applications in FPE. When talking about the security, it describes the security notions of FPE and their corresponding games, analyzing the relationship among them. In the end, it introduces the application scopes of FPE and points out that performance, integrity authentication and key problems of database encryption with FPE, such as making range query and arithmetic operation on encrypted data, are the major problems to be solved in the future. All these works will play a role in promoting research of format-preserving encryption.

    参考文献
    [1] Radhakrishnan R, Kharrazi M, Memon N. Data masking: A new approach for steganography? The Journal of VLSI Signal Processing, 2005,41(3):293-303. [doi: 10.1007/s11265-005-4153-1]
    [2] Smith HE, Brightwell M. Using datatype-preserving encryption to enhance data warehouse security. In: Proc. of the 20th National Information Systems Security Conf. 1997. 141-149. http://csrc.nist.gov/nissc/1997/proceedings/141.pd
    [3] National Bureau of Standards. FIPS PUB 74, Guidelines for Implementing and Using the NBS Data Encryption Standard, 1981.
    [4] Black J, Rogaway P. Ciphers with arbitrary finite domains. In: Preneel B, ed. Proc. of the Topics in Cryptology—CT-RSA 2002. LNCS 2271, San Jose: Springer-Verlag, 2002. 114-130. [doi: 10.1007/3-540-45760-7_9]
    [5] Luby M, Rackoff C. How to construct pseudorandom permutations from pseudorandom functions. SIAM Journal of Computing, 1988,17(2):373-386. [doi: 10.1137/0217022]
    [6] Patarin J. Security of random Feistel schemes with 5 or more rounds. In: Franklin M, ed. Advances in Cryptology—CRYPTO 2004. LNCS 3152, Santa Barbara: Springer-Verlag, 2004. 106-122. http://www.iacr.org/archive/crypto2004/31520105/Version courte Format Springer.pdf [doi: 10.1007/978-3-540-28628-8_7]
    [7] Spies T. Format preserving encryption. Unpublished Voltage White Paper. 2008. https://www.voltage.com/pdf/Voltage-Security- WhitePaper-Format-Preserving-Encryption.pdf
    [8] Spies T. Feistel finite set encryption mode. 2008. http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/ffsem/ ffsem-spec.pdf
    [9] Bellare M, Ristenpart T, Rogaway P, Stegers T. Format-Preserving encryption. In: Jacobsn MJ, eds. Proc. of the Selected Areas in Cryptography (SAC 2009). LNCS 5867, Calgary: Springer-Verlag, 2009. 295-312. [doi: 10.1007/978-3-642-05445-7_19]
    [10] Bellare M, Rogaway P, Spies T. The FFX mode of operation for format-preserving encryption. 2010. http://csrc.nist.gov/groups/ST/ toolkit/BCM/documents/proposedmodes/ffx/ffx-spec.pdf
    [11] Schneier B, Kelsey J. Unbalanced Feistel networks and block cipher design. In: Gollmann D, ed. Proc. of the Fast Software Encryption’96. LNCS 1039, Cambridge: Springer-Verlag, 1996. 121-144. http://www.schneier.com/paper-unbalanced-feistel.pdf [doi: 10.1007/3-540-60865-6_49]
    [12] Liskov M, Rivest RL, Wagner D. Tweakable block ciphers. In: Advances in Cryptology—CRYPTO 2002. LNCS 2442, Santa Barbara: Springer-Verlag, 2002. 31-46. [doi: 10.1007/s00145-010-9073-y]
    [13] Eric B, Thomas P, Jacques S. BPS: A format-preserving encryption proposal. An NIST Submitted Proposal, 2010. http://brutus.ncsl. nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/bps/bps-spec.pdf
    [14] National Institute of Standards and Technology. SP800-67: Recommendation for the triple data encryption algorithm (TDEA) block cipher. 2004. http://purl.access.gpo.gov/GPO/LPS69978
    [15] National Institute of Standards and Technology. FIPS 197: Advanced Encryption Standard. 2001. http://csrc.nist.gov/publications/ fips/fips197/fips-197.pdf
    [16] National Institute of Standards and Technology. FIPS 180-2: Secure Hash Standard. 2002. http://csrc.nist.gov/publications/fips/ fips180-2/fips180-2.pdf
    [17] Morris B, Rogaway P, Stegers T. How to encipher messages on a small domain—Deterministic encryption and the thorp shuffle. In: Advances in Cryptology—CRYPTO 2009. Santa Barbara: Springer-Verlag, 2009. http://www.cs.ucdavis.edu/~rogaway/papers/ thorp.pdf [doi: 10.1007/978-3-642-03356-8_17]
    [18] Jia CF, Liu ZL, Li JW, Dong ZQ, You XY. A new integer FPE scheme based on Feistel network. In: Zhu X, ed. Proc. of the Int’l Conf. on Services Science Management and Engineering 2010. Tianjin: IEEE Press, 2010. 305-308.
    [19] Liu ZL, Jia CF, Li JW, Cheng XC. Format-Preserving encryption for datetime. In: Chen W, ed. Proc. of the Intelligent Computing and Intelligent Systems 2010, Vol.2. Xiamen: IEEE Press, 2010. 201-205. [doi: 10.1109/ICICISYS.2010.5658769]
    [20] Cover T. Enumerative source encoding. IEEE Trans. on Information Theory, 1973,19(1):73-77. [doi: 10.1109/TIT.1973.1054929]
    [21] Mäkinen E. Ranking and unranking left Szilard languages. Int’l Journal of Computer Mathematics, 1998,68(1-2):29-38. [doi: 10.1080/00207169808804677]
    [22] Knuth DE. The Art of Computer Programming, Vol. 2: Seminumerical Algorithms. 3rd ed., Addison-Wesley, 1997.
    [23] Kelsen P. Ranking and unranking trees using regular reductions. In: Puech C, ed. Proc. of the 13th Annual Symp. on Theoretical Aspects of Computer Science. LNCS 1046, Grenoble: Springer-Verlag, 1996. 581-592. http://www.springerlink.com/index/ p2x337k42l09w032.pdf [doi: 10.1007/3-540-60922-9_47]
    [24] Liebehenschel J. Ranking and unranking of a generalized DYCK language and the application to the generation of random trees. In: Séminaire Lotharingien de Combinatoire. 2000. 43-62.
    [25] Hoang VT, Rogaway P. On generalized Feistel networks. In: Rabin T, ed. Advances in Cryptology—CRYPTO 2010. LNCS 6223, Santa Barbara: Springer-Verlag, 2010. 613-630. [doi: 10.1007/978-3-642-14623-7_33]
    [26] Anderson R, Biham E. Two practical and provably secure block ciphers: BEAR and LION. In: Gollmann D, ed. Proc. of the Fast Software Encryption’96. LNCS 1039, Cambridge: Springer-Verlag, 1996. 113-120. http://www.springerlink.com/index/ P3L22063H7817J35.pdf [doi: 10.1007/3-540-60865-6_48]
    [27] Lucks S. Faster Luby-Rackoff ciphers. In: Gollmann D, ed. Proc. of the Fast Software Encryption ’96. LNCS 1039, Cambridge: Springer-Verlag, 1996. 189-203. http://weisskugel.informatik.uni-mannheim.de/people/lucks/papers/pdf/LR-fast.pdf.gz [doi: 10. 1007/3-540-60865-6_53]
    [28] Zheng YL, Matsumoto T, Imai H. On the construction of block ciphers provably secure and not relying on any unproved hypotheses. In: Brassard G, ed. Proc. of the 9th Annual Int’l Cryptology Conf. LNCS 435, Berlin: Springer-Verlag, 1990. 461-480. ftp://www.hacktic.nl/pub/mirrors/Advances in Cryptology/HTML/PDF/C89/461.PDF [doi: 10.1007/0-387-34805-0_42]
    [29] Goldwasser S, Micali S. Probabilistic encryption. Journal of Computer and System Sciences, 1984,28(2):270-299. [doi: 10.1016/ 0022-0000(84)90070-9]
    [30] Micali S, Rackoff C, Sloan R. The notion of security for probabilistic cryptosystems. SIAM Journal on Computing, 1988,17(2): 412-426. [doi: 10.1137/0217025]
    [31] Dolev D, Dwork C, Naor M. Nonmalleable cryptography. SIAM Journal on Computing, 2000,30(2):391-437. [doi: 10.1137/ S0097539795291562]
    [32] Bellare M, Rogaway P. Optimal asymmetric encryption—How to encrypt with RSA. In: De Santis A, ed. Advances in Cryptology-EUROCRYPT’94. LNCS 950, Perugia: Springer-Verlag, 1994. 92-111.
    [33] Bellare M, Rogaway P. Random oracles are practical: A paradigm for designing efficient protocols. In: Proc. of the 1st ACM Conf. on Computer and Communications Security. Fairfax: ACM Press, 1993. 62-73. http://seclab.cs.ucdavis.edu/papers/Rogaway/ro.pdf [doi: 10.1145/168588.168596]
    [34] Goldreich O. A uniform complexity treatment of encryption and zero-knowledge. Journal of Cryptology, 1993,6(1):21-53. [doi: 10.1007/BF02620230]
    [35] Goldreich O. Foundations of Cryptography, Vol II: Basic Applications. Cambridge: Cambridge University Press, 2004.
    [36] Goldreich O, Goldwasser S, Micali S. How to construct random functions. Journal of the ACM, 1986,33(4):792-807. [doi: 10.1145/6490.6503]
    [37] Desai A, Miner S. Concrete security characterizations of PRFs and PRPs: Reductions and applications. In: Okamoto T, ed. Advanced in Cryptology- ASIACRYPT 2000. LNCS 1976, Kyoto: Springer-Verlag, 2000. 503-516. http://citeseerx.ist.psu.edu/ viewdoc/download?doi=10.1.1.119.1491&rep=rep1&type=pdf [doi: 10.1007/3-540-44448-3_39]
    [38] St?tz T, Uhl A. Efficient format-compliant encryption of regular languages: Block-Based Cycle-Walking. In: De Decker B, ed. Proc. of the 11th IFIP TC 6/TC 11 Int’l Conf. LNCS 6109, Linz: Springer-Verlag, 2010. 81-92. http://wavelab.at/papers/Stuetz10a. pdf [doi: 10.1007/978-3-642-13241-4_9]
    [39] Ozsoyoglu, G, Singer DA, Chung SS. Anti-Tamper databases: Querying encrypted databases. In: Proc. of the 17th Annual IFIP WG, Vol.11. 2003. http://vorlon.case.edu/~chung/Publication/TechnicalReportIFIP03RevisedPaper.pdf
    [40] Agrawal R, Kiernan J, Srikant R, Xu YR. Order preserving encryption for numeric data. In: Proc. of the 2004 ACM SIGMOD Int’l Conf. on Management of Data. New York: ACM Press, 2004. 563-574. http://rsrikant.com/papers/sigmod04.pdf [doi: 10.1145/ 1007568.1007632]
    [41] Boldyreva A, Chenette N, Lee Y, O’Neill A. Order-Preserving symmetric encryption. In: Joux A, ed. Advances in Cryptology-EUROCRYPT 2009. LNCS 5479, Perugia: Springer-Verlag, 2009. 224-241. http://www.iacr.org/archive/ eurocrypt2009/54790225/54790225.pdf [doi: 10.1007/978-3-642-01001-9_13]
    [42] Lee S, Park TJ, Lee D, Nam T, Kim S. Chaotic order preserving encryption for efficient and secure queries on databases. IEICE Trans. on Information and Systems, 2009,E92-D(11):2207-2217. [doi: 10.1587/transinf.E92.D.2207]
    [43] Rivest RL, Adleman L, Dertouzos ML. On data banks and privacy homomorphisms. Foundations of Secure Computation, 1978, 169-178.
    [44] Gentry C. Fully homomorphic encryption using ideal lattices. In: Proc. of the 41st Annual ACM Symp. on Theory of Computing (STOC 2009). New York: ACM Press, 2009. 169-178. http://boxen.math.washington.edu/home/wstein/www/home/watkins/CG.pdf [doi: 10.1145/1536414.1536440]
    [45] Van Dijk M, Gentry C, Halevi S, Vaikuntanathan V. Fully homomorphic encryption over the integers. In: Gilbert H, ed. Advances in Cryptology-EUROCRYPT 2010. LNCS 6110, Perugia: Springer-Verlag, 2010. 24-43. [doi: 10.1007/978-3-642-13190-5_2]
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

刘哲理,贾春福,李经纬.保留格式加密技术研究.软件学报,2012,23(1):152-170

复制
分享
文章指标
  • 点击次数:9522
  • 下载次数: 16252
  • HTML阅读次数: 0
  • 引用次数: 0
历史
  • 收稿日期:2010-07-21
  • 最后修改日期:2011-04-02
  • 在线发布日期: 2012-01-02
文章二维码
友情链接:中国科学院软件研究所中国计算机学会中国科学院国家自然科学基金委员会CCF数字图书馆Int'l J of Softw Info计算机系统应用
您是第19862643位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号