Targeted Ciphers for Format-Preserving Encryption

  • Sarah MiracleEmail author
  • Scott Yilek
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11349)


We introduce Targeted Ciphers, which typically encipher points on domain \(\mathcal {X}\), but can be easily modified to instead encipher points on some subset \(\mathcal{S}\subseteq \mathcal {X}\). Ciphers that can directly support this domain targeting are useful in Format-Preserving Encryption, where one wishes to encipher points on a potentially complex domain \(\mathcal{S}\). We propose two targeted ciphers and analyze their security. The first, Targeted Swap-or-Not, is a modification of the Swap-or-Not cipher proposed by Hoang, Morris, and Rogaway (CRYPTO 2012). The second, a new cipher we call Mix-Swap-Unmix, achieves the stronger notion of full security. Our targeted ciphers perform domain targeting more efficiently than the recently proposed Cycle Slicer algorithm of Miracle and Yilek (ASIACRYPT 2017).


Format-preserving encryption Small-domain block ciphers Markov chains Matchings 



We thank the SAC 2018 anonymous reviewers for their detailed and helpful comments.

Supplementary material


  1. 1.
    Bellare, M., Hoang, V.T.: Identity-based format-preserving encryption. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1515–1532. ACM Press, October/November 2017Google Scholar
  2. 2.
    Bellare, M., Hoang, V.T., Tessaro, S.: Message-recovery attacks on Feistel-based format preserving encryption. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, pp. 444–455. ACM Press, October 2016Google Scholar
  3. 3.
    Bellare, M., Ristenpart, T., Rogaway, P., Stegers, T.: Format-preserving encryption. In: Jacobson, M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 295–312. Springer, Heidelberg (2009). Scholar
  4. 4.
    Bellare, M., Rogaway, P., Spies, T.: The FFX mode of operation for format-preserving encryption, February 2010.
  5. 5.
    Bernstein, M.: The mixing time for a random walk on the symmetric group generated by random involutions. In: Proceedings of the 28th International Conference on Formal Power Series and Algebraic Combinatorics (FPSAC) (2016)Google Scholar
  6. 6.
    Black, J., Rogaway, P.: Ciphers with arbitrary finite domains. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 114–130. Springer, Heidelberg (2002). Scholar
  7. 7.
    Brier, E., Peyrin, T., Stern, J.: BPS: a format-preserving encryption proposal.
  8. 8.
    Brightwell, M., Smith, H.: Using datatype-preserving encryption to enhance data warehouse security. In: National Information Systems Security Conference (NISSC) (1997)Google Scholar
  9. 9.
    Czumaj, A., Kutylowski, M.: Delayed path coupling and generating random permutations. Random Struct. Algorithms 17, 238–259 (2000)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Dai, W., Hoang, V.T., Tessaro, S.: Information-theoretic indistinguishability via the chi-squared method. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 497–523. Springer, Cham (2017). Scholar
  11. 11.
    Durak, F.B., Vaudenay, S.: Breaking the FF3 format-preserving encryption standard over small domains. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10402, pp. 679–707. Springer, Cham (2017). Scholar
  12. 12.
    Dworkin, M.: Recommendation for block cipher modes of operation: methods for format preserving-encryption. NIST Special Publication 800–38G (2016).
  13. 13.
    Granboulan, L., Pornin, T.: Perfect block ciphers with small blocks. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 452–465. Springer, Heidelberg (2007). Scholar
  14. 14.
    Grubbs, P., Ristenpart, T., Yarom, Y.: Modifying an enciphering scheme after deployment. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10211, pp. 499–527. Springer, Cham (2017). Scholar
  15. 15.
    Hoang, V.T., Morris, B., Rogaway, P.: An enciphering scheme based on a card shuffle. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 1–13. Springer, Heidelberg (2012). Scholar
  16. 16.
    Luchaup, D., Dyer, K.P., Jha, S., Ristenpart, T., Shrimpton, T.: LibFTE: a toolkit for constructing practical, format-abiding encryption schemes. In: Proceedings of the 23rd USENIX Security Symposium, pp. 877–891 (2014)Google Scholar
  17. 17.
    Luchaup, D., Shrimpton, T., Ristenpart, T., Jha, S.: Formatted encryption beyond regular languages. In: Ahn, G.J., Yung, M., Li, N. (eds.) ACM CCS 2014, pp. 1292–1303. ACM Press, November 2014Google Scholar
  18. 18.
    Maurer, U., Pietrzak, K., Renner, R.: Indistinguishability amplification. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 130–149. Springer, Heidelberg (2007). Scholar
  19. 19.
    Miracle, S., Yilek, S.: Reverse cycle walking and its applications. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 679–700. Springer, Heidelberg (2016). Scholar
  20. 20.
    Miracle, S., Yilek, S.: Cycle slicer: an algorithm for building permutations on special domains. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10626, pp. 392–416. Springer, Cham (2017). Scholar
  21. 21.
    Morris, B., Rogaway, P.: Sometimes-recurse shuffle - almost-random permutations in logarithmic expected time. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 311–326. Springer, Heidelberg (2014). Scholar
  22. 22.
    Morris, B., Rogaway, P., Stegers, T.: How to encipher messages on a small domain. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 286–302. Springer, Heidelberg (2009). Scholar
  23. 23.
    Naor, M., Reingold, O.: Constructing pseudo-random permutations with a prescribed structure. J. Cryptol. 15(2), 97–102 (2002)MathSciNetCrossRefGoogle Scholar
  24. 24.
    Ristenpart, T., Yilek, S.: The mix-and-cut shuffle: small-domain encryption secure against N queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 392–409. Springer, Heidelberg (2013). Scholar
  25. 25.
    Spies, T.: Format-preserving encryption. Unpublished whitepaper (2008).

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.University of St. ThomasSt. PaulUSA

Personalised recommendations