格式保留加密(FPE)格式保留细节

huangapple go评论65阅读模式
英文:

Format Preserving Encryption (FPE) format preservation details

问题

I have been trying out https://github.com/idealista/format-preserving-encryption-java.git and https://github.com/ubiqsecurity/ubiq-fpe-java. I have also been reading https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38Gr1-draft.pdf.

Am I right in thinking that if I have a card number 4111-1111-1111-1111 with "-" or space as separator in plain text. If I have a requirement that in the resulting cipher post encryption the "-" or space should retain its position in the text and only the remaining is text is encrypted that's outside the scope of FPE.

If I were to include "-" in the alphabet in the resulting cipher "-" would be treated only as just another alphabet and FPE won't preserve it occurring at same indexes in plain text and cipher text.

If I need to do this I must manage it as a layer on top of the FPE using string manipulation.

Also if I need that the first four numerical digits don't get encrypted then that also I must manage myself and it's not in scope of FPE.

Right?

英文:

I have been trying out https://github.com/idealista/format-preserving-encryption-java.git and https://github.com/ubiqsecurity/ubiq-fpe-java. I have also been reading https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38Gr1-draft.pdf.

Am I right in thinking that if I have a card number 4111-1111-1111-1111 with "-" or space as separator in plain text. If I have a requirement that in the resulting cipher post encryption the "-" or space should retain its position in the text and only the remaining is text is encrypted that's outside the scope of FPE.

If I were to include "-" in the alphabet in the resulting cipher "-" would be treated only as just another alphabet and FPE won’t preserve it occurring at same indexes in plain text and cipher text.

If I need to do this I must manage it as a layer on top of the FPE using string manipulation.

Also if I need that the first four numerical digits don’t get encrypted then that also I must manage myself and it’s not in scope of FPE.

Right?

答案1

得分: 4

简短回答

短横线只是格式,它们不携带信息。在加密方面,它们是无意义的。在加密之前移除短横线,在加密后再添加回去。

长篇回答

思考FPE的一种方式是:你有一个超长的列表,包含了所有可能的“明文”信用卡号,你想要将它们加密到A列中。它们可能有效,也可能无效。第一行会有 1111-1111-1111-1111,最后一行会有 9999-9999-9999-9999

然后,你将这个列表复制并随机排列到B列,这样对于A列中的每个信用卡号,现在在B列中都有一个无关的信用卡号。用于FPE的加密密钥控制了这个排列过程。关于这一点的更多详细信息可以在这里找到。

与源列表一样,FPE加密的数字可能有效,也可能无效。由于你无法控制洗牌算法,如果你希望所有的数字都有效,你必须:

  1. 移除你想要保留的信息
  2. 加密中间部分
  3. 使数字再次“有效”

对于信用卡号,你可能想要保留以下两个信息:

如果你想保留发卡机构识别号,你必须在FPE加密之前移除前导数字,然后在加密后将它们放回去。

如果你想在最后保留一个有效的卢恩检验位,你必须在加密之前移除它,然后在加密后重新计算它。

请记住,你保留的每个原始数字都会使加密变得更脆弱。很可能你只需要加密的信用卡号彼此匹配,比如匹配日志中的交易。你不需要任何原始数字,只要对于给定的卡片始终获得相同的加密输出。

最后要担心的一件事是密钥轮换。如果你需要更改密钥,可能是因为PCI DSS的要求,那么你可能需要重新加密已存储的数字,以使它们与使用新密钥加密的数字匹配。

英文:

Short Answer

The dashes are just formatting, they don't carry information. They are meaningless with regards to encryption. Remove the dashes and put them back after encryption.

Long Answer

A way to think about FPE is this: You have a super long list of all the possible "plain text" credit card you want to encrypt in column A. They might be valid or not. Line 1 will have 1111-1111-1111-1111 and the last line will have 9999-9999-9999-9999.

You shuffle-copy that list to column B so that for every card number in column A there is now an unrelated credit card number in column B. The encryption key you use for FPE controls the shuffle process. More details on that here.

Like the source list, the FPE encrypted numbers might be valid or not. Since you don't control the shuffle algorithm, if you want that all the numbers to be valid, you must:

  1. Remove the information you want to keep
  2. Encrypt the middle part
  3. Make the number "valid" again.

With credit card numbers, there are probably 2 pieces of information you want to keep:

If you want to keep the IIN, you must remove the leading digits prior to FPE encryption and put them back after.

If you want to have a valid Luhn check digit at the end, you must remove it prior to encryption, then compute it back in after encryption.

Keep in mind that every original digit you keep makes the encryption weaker. Chances are you only need the encrypted card numbers to match between themselves, like matching transactions in logs. You don't need any original digits, as long as you always get the same encrypted output for a given card.

One last thing you could worry about is key rotation. If you ever need to change your key, because of PCI DSS requirements maybe, then might have to FPE re-encrypt the numbers already on file so they match the ones encrypted with the new key.

huangapple
  • 本文由 发表于 2023年5月31日 22:39:45
  • 转载请务必保留本文链接:https://go.coder-hub.com/76374684.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定