Format-preserving Encryption sample

4
votes

I want to encrypt/decrypt digits into string (with only digits and/or upper characters) with the same length using Format-preserving Encryption. But I don't find implementation steps. So, can anyone please provide WORKING sample for C# 2.0?

For an example,

If I encrypt fixed length plaintext like 99991232 (with or without fixed key) then the cipher should be like 23220978 or ED0FTS. If the length of encrypted string is less than plain text then also it would be all right. But cipher text length must not be greater than plain text and the cipher text must of of fixed length.

2
c#encryption
"Format-preserving Encryption" is not a real word. Please describe what you want, provide examples.Henk Holterman
Check this Fromat-preserving Encryption I have added example for input and required output. Unfortunately, I cannot tell you for what purpose I need it. I hope you can understand that. Moreover, I also know that encryption using such algorithm may not be secure but it's completely fair for what I need.Parth Patel
OK, you're right about the name and with the example it's a perfectly valid question.Henk Holterman

2 Answers

7
votes

From your question I assume that the plain text is numeric, where the cipher text could be alphanumeric. Due to this it is quite easy to make an encoding scheme. This makes your format preservation less stringent and this can be taken advantage of (this won't work if your plain text is also alphanumeric).

First, find a power of 2 that is greater than the number of discrete values that you have, for example, in the numeric case you have 10 discrete values - so you would use 16 (2 ^ 4). Create a 'BaseX' encoding scheme for this (in this case Base16) and decode the plain text to binary using it.

Thus given the plain text:

1, 2, 3, 4

We encode it to:

0001-0010 0011-0100

You can then run this through your length-preserving cipher (one example of a length-preserving cipher is AES in counter mode). Say you get the following value back:

1001-1100 1011-1100

Encode this using your 'BaseX' encoder, and in our case we would get:

9, C, B, C

Which is the same length. I threw together a sample for you (bit large to paste here).

0
votes

As Henk said, "Format Preserving Encryption" is not defined. I can think of two possible answers:

  1. Use AES and convert the cyphertext byte array to a hex string or to Base64.
  2. Use a simple Vigenère cipher just replacing the characters you want to replace.

You need to specify your requirement more clearly.

ETA: You do not say how secure you need this to be. Standard Vigenère is not secure against any sort of strong attack, but will be safe from casual users. Vigenère can be made absolutely secure, but that requires as much true random key material as there is plaintext to encypher, and is usually impractical.