摘要
保留格式加密算法可以在加密的同时保证明文和密文格式相同,解决了信用卡号、电话号码、身份证号等敏感数据明文存储易造成隐私泄露等问题。当前保留格式加密方案大多基于Prefix、Cycle-Walking和Generalized-Feistel算法进行扩展和改进,存在多次调用Cycle-Walking结构的不确定性问题,同时,现有保留格式加密算法处理的问题域有一定的局限性。提出一种新型的基于截断表的保留格式加密算法,仅需调用一次Cycle-Walking结构,使加密结果落入问题域,以及在截断表算法基础上提出分段处理方案,进一步扩大了保留格式加密算法处理的问题域。并且通过安全性分析,证明了所提算法是安全的,能够抵御恶意敌手攻击。实验结果表明所提算法具有高效性,可将保留格式加密过程重复调用Cycle-Walking结构的次数降至0。且与先前保留格式加密算法相比,平均每字节加密开销相当。
Format-preserving encryption(FPE)algorithms can encrypt data while ensuring that the plaintext and ciphertext have the same format.This addresses the problem of privacy leakage caused by storing sensitive data in plaintext,such as credit card numbers,phone numbers,and ID numbers.Current FPE algorithms are mostly extended and improved based on prefix,cycle-walking,and generalized-Feistel algorithms,and face issues with the uncertainty of multiple calls to the cycle-walking structure.Additionally,existing format-preserving encryption algorithms have certain limitations in terms of the problem domain they address.This paper proposes a novel format-preserving encryption algorithm based on a truncated table,which requires only a single call to the cycle-walking structure,ensuring that the encryption result falls within the problem domain.Furthermore,based on the truncated table algorithm,a segment-based processing scheme is proposed,which further expands the problem domain that the format-preserving encryption algorithm can address.Security analysis shows that our proposed protocol is secure against malicious adversaries.Experimental results demonstrate that the proposed algorithm is highly efficient,reducing the number of repeated calls to the cycle-walking structure in the format-preserving encryption process to zero.In comparison with previous format-preserving encryption algorithms,the average encryption overhead per byte is comparable.
作者
杨庆
田有亮
熊金波
YANG Qing;TIAN Youliang;XIONG Jinbo(State Key Laboratory of Public Big Data,Guiyang 550025,China;College of Computer Science and Technology,Guizhou University,Guiyang 550025,China;Fujian Provincial Key Laboratory of Network Security and Cryptology,Fuzhou 350117,China)
出处
《福建师范大学学报(自然科学版)》
北大核心
2025年第1期68-76,共9页
Journal of Fujian Normal University:Natural Science Edition
基金
国家重点研发计划项目(2021YFB3101100)
国家自然科学基金项目(62272123、62272102)
贵州省高层次创新型人才项目(黔科合平台人才[2020]6008、[2020]5017、[2022]065)
福建省自然科学基金重点项目(2023J02014)。
作者简介
通信作者:田有亮(1982—),男,教授,博士生导师,研究方向为算法博弈论、密码学与安全协议、大数据安全等。youliangtian@163.com。
