开发者

Format-preserving Encryption sample

开发者 https://www.devze.com 2023-04-11 23:52 出处:网络
I want to encrypt/decrypt digits into string (with only digits and/or upper characters) with the same length using Format-preserving Encryption. But I don\'t find implementation steps. So, can anyone

I want to encrypt/decrypt digits into string (with only digits and/or upper characters) with the same length using Format-preserving Encryption. But I don't find implementation steps. So, can anyone please provide WORKING sample for C# 2.0?

For an example,

If I encrypt fixed length plaintext like 99991232 (with or without fixed key) then the cipher should be like 23220978 or ED0FTS. If the length of encrypted string is l开发者_JAVA百科ess than plain text then also it would be all right. But cipher text length must not be greater than plain text and the cipher text must of of fixed length.


From your question I assume that the plain text is numeric, where the cipher text could be alphanumeric. Due to this it is quite easy to make an encoding scheme. This makes your format preservation less stringent and this can be taken advantage of (this won't work if your plain text is also alphanumeric).

First, find a power of 2 that is greater than the number of discrete values that you have, for example, in the numeric case you have 10 discrete values - so you would use 16 (2 ^ 4). Create a 'BaseX' encoding scheme for this (in this case Base16) and decode the plain text to binary using it.

Thus given the plain text:

1, 2, 3, 4

We encode it to:

0001-0010 0011-0100

You can then run this through your length-preserving cipher (one example of a length-preserving cipher is AES in counter mode). Say you get the following value back:

1001-1100 1011-1100

Encode this using your 'BaseX' encoder, and in our case we would get:

9, C, B, C

Which is the same length. I threw together a sample for you (bit large to paste here).


As Henk said, "Format Preserving Encryption" is not defined. I can think of two possible answers:

  1. Use AES and convert the cyphertext byte array to a hex string or to Base64.
  2. Use a simple Vigenère cipher just replacing the characters you want to replace.

You need to specify your requirement more clearly.

ETA: You do not say how secure you need this to be. Standard Vigenère is not secure against any sort of strong attack, but will be safe from casual users. Vigenère can be made absolutely secure, but that requires as much true random key material as there is plaintext to encypher, and is usually impractical.

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号