2016 mindthesec Format-Preserving Encryption

Format Preserving EncryptionBruno Motta Rego

Real World

real ecosystems, data everywhere

real ecosystemsIn 93% of cases, it took attackers minutes or less to compromise systems; [1]

95% of web app attacks where criminals stole data were financially motivated; [1]

The median traffic of a DoS attack is 1.89 million packets per second; [1]

39% of crimeware incidents in 2015 involved ransomware. [1]

data everywhereVendor as a vector; [1]

More than 90% breaches had a compromise time of “days or less”; [1]

63% of confirmed data breaches involved weak, default or stolen passwords; [1]

70% of breaches involving insider misuse took months or years to discover; [1]

challengesPeople;

Vulnerability & Patch management;

Vendor management;

Legacy systems;

format-preserving encryption

NIST 800-38GApproved methods for FPE; [3]

FF1 is FFX[Radix] "Feistel-based”FF3 is BPS

Shared-key; [3]

Deterministic encryption; [3]

trade offsWhole database encryption; [2] • Encrypt data within DB – slows all apps down

• Separate solution for each database vendor• No separation of duties – DBA can decrypt• No security of data within applications and networks

Database column encryption; [2] • Encrypt data via trigger and stored procedure• Require schema changes• No data masking support or separation of duties

Native or traditional application-level encryption; [2] • Encrypt data itself, throughout lifecycle• Requires DB schema/app format changes• Heavy implementation cost

Weak, breakable encryption; [2] • E.g., stream ciphers, alphabetic substitution• Not secure – easily reversible by attacker• Key management challenges

trade offsShuffling; [2] • Shuffle existing data rows so data doesn’t match up

• Breaks referential integrity• Can still leak data

Data tables and rules; [2] • Consistently map original data to fake data• Allows for referential integrity, reversibility• Security risks due to use of look-up tables

choicesGuessing attacks;

Use Case

credit card number

othersCustomer Services;

Anti-Fraud;

Risk Intelligence;

OBRIGADO!Bruno Motta Regohttps://twitter.com/brunomottarego

references[1] 2016 Data Breach Investigation Report (DBIR 2016). Verizon, Apr 2016.

[2] Streamlining Information Protection Through a Data-centric Security Approach.

[3] NIST SP 800-38G - Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption

[4] Ciphers with Arbitrary Finite Domains.

2016 mindthesec Format-Preserving Encryption

Technology

Anonymity-preserving Public-Key Encryption

Format-Preserving Encryption · 2009. 12. 31. · Format-Preserving Encryption Mihir Bellare1, Thomas Ristenpart1, Phillip Rogaway2, and Till Stegers2 1 Dept. of Computer Science

Functional Encryption & Property Preserving Encryption

Order-Preserving Symmetric Encryption · 2012. 11. 5. · 1 Introduction Motivation. Order-preserving symmetric encryption (OPE) is a deterministic encryption scheme (aka. cipher)

Format preserving encryption bachelor thesis

Format Preserving Encryptions68aa858fd10b80a7.jimcontent.com/download/version/...Format Preserving Encryption, Version 1.0, 12.06.2015 2 Management Summary This thesis aims to give

Privacy-preserving Attribute Based Searchable Encryption · searchable encryption (A2SBE) scheme which facilitates user to retrieve only a subset of documents pertaining to his chosen

The Necessity of Encryption for Preserving Critical ... · include encryption, tokenization, data masking, and enterprise key management to protect data at all times, everywhere in

Anonymity-preserving Public-Key Encryption: A … · Keywords: public-key encryption, key privacy, robust encryption, anonymity, constructive cryptography 1. Contents 1 Introduction

Property Preserving Symmetric Encryption Revisited · 2015-09-17 · Property Preserving Symmetric Encryption Revisited Sanjit Chatterjee1 and M. Prem Laxman Das2 1 Department of

IBM z13 and Crypto - New EraAgenda – IBM z13 and Crypto • Hardware • ICSF • New Function • Format Preserving Encryption • Key Metadata • Misc • Toleration/Coexistence

IBM z13 and Crypto - New Era · Agenda – IBM z13 and Crypto • Hardware • ICSF • New Function • Format Preserving Encryption • Key Metadata • Misc • Toleration/Coexistence

Order-Preserving Encryption Revisited: Improved Security ...aboldyre/papers/operev.pdf · Keywords: Searchable encryption, symmetric encryption, hypergeometric distribution, range

From Proprietary Format to Open Source – Preserving Digital Resources Liz Reuben

FUNCTIONAL ENCRYPTION & PROPERTY PRESERVING ENCRYPTION Shashank Agrawal (UIUC), Shweta Agrawal (IIT-D), Saikrishna Badrinarayanan (IIT-M), Abisekh Kumarasubramanian

The attached DRAFT document (provided here for … they are format-preserving, Feistel-based encryption modes. They were submitted to NIST under the names [RadixFFX], VAES3, and -BPSBC,

Privacy Preserving Attribute-Based Encryption with

Order-Preserving Encryption Revisited: Improved Security ...aboldyre/papers/operev.pdf · Order-Preserving Encryption Revisited: Improved Security Analysis and Alternative Solutions

Protect High Value Government Data - Micro Focus · AES encryption standard recommends the use of Format Preserving Encryption to protect sensitive data-at-rest, data-in-motion, and

Adiantum: length-preserving encryption for entry-level ... · Adiantum: length-preserving encryption for entry-level processors Paul Crowley and Eric Biggers Google LLC {paulcrowley,ebiggers}@google.com