I “tweaked” my hammy just reading this
October 18, 2012
Recently, I was reading about the Format Preserving Encryption (FPE)* variation that we implemented in our cloud data privacy/tokenization gateway solution and realized that they had used a tweak to make it much stronger.
I am proud of our guys who burned some extra midnight oil to get this out on time to save our customers' sensitive data moving to the cloud. This allowed us to work with some major cloud providers to help with their data storage in a highly secure manner. Watch out for my next blog on how FPE can help you preserve your data fairly easily. You can also read my blog about protecting sensitive data that is sent to the cloud here.
Essentially, a tweak is a cross between a salt and a nonce (thank god it is not crossed with pepper!). For format preserving encryption (FPE), it can be used to significantly enhance the encryption security.
Here is how:
If you use a deterministic/tweakless scheme, an attacker could build, by non-cryptographic means, a useful dictionary of plaintext/ciphertext pairs. For example, assume that you are encrypting the middle 6 digits of a 16-digit Credit Card Number (CCN or PAN data). Out of a possible 100 million entries, there would be 100 CCNs with the same 6 digits (it is fairly common to keep the first 5 digits preserved for routing purposes and the last 4 digits for validation purposes, thus leaving only the middle 6 digits to be encrypted). Every plaintext/ciphertext pair that an attacker identified would allow the attacker to decrypt every CCN that happens to have those same middle 6 digits. Using a different tweak for each of these encryptions would eliminate this information leakage. In this case, the tweak could be:
• The other ten digits of the CCN. (A perfect seed, since it uses what is already there.)
• A string that is unique to the specific document in which the encryption is occurring.
• A randomly generated string that is used for a much smaller subset of the encryptions than the key itself is used for.
As the first two possible sources of tweaks indicate, a tweak value does not need to be secret. It just needs to be large enough to uniquely differentiate related encryptions in the same or different documents.
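The leak and the fix described above, as an added example that is not code from the original post or from the gateway product it describes. It uses a toy HMAC-based Feistel network over the middle six digits (not FF1/FF3-1 or any standardized FPE mode), assumes those digits sit at positions 7 to 12 so the other ten are the first six and last four, and uses a constructed key and constructed card numbers.

```python
import hashlib
import hmac

ROUNDS = 10   # toy parameter, not taken from any standard
HALF = 1000   # the 6 digits are split into two 3-digit Feistel halves
KEY = b"constructed demo key, not a real secret"
# Constructed card numbers: same middle six digits, different outer ten.
PAN_A = "4111110123451111"
PAN_B = "5500000123452222"

def _round(key: bytes, tweak: bytes, rnd: int, half: int) -> int:
    """Keyed round function: HMAC over tweak, round number and one half."""
    msg = tweak + b"|" + bytes([rnd]) + half.to_bytes(2, "big")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % HALF

def _feistel(key: bytes, tweak: bytes, mid: str, decrypt: bool) -> str:
    """Permute a 6-digit string; output is always a 6-digit string."""
    left, right = divmod(int(mid), HALF)
    if decrypt:
        for rnd in reversed(range(ROUNDS)):
            left, right = (right - _round(key, tweak, rnd, left)) % HALF, left
    else:
        for rnd in range(ROUNDS):
            left, right = right, (left + _round(key, tweak, rnd, right)) % HALF
    return f"{left * HALF + right:06d}"

def protect_pan(key: bytes, pan: str, use_tweak: bool = True,
                decrypt: bool = False) -> str:
    """Encrypt or decrypt only the middle six digits of a 16-digit PAN."""
    head, mid, tail = pan[:6], pan[6:12], pan[12:]
    # The tweak is the ten digits left in the clear; it is not secret.
    tweak = (head + tail).encode() if use_tweak else b""
    return head + _feistel(key, tweak, mid, decrypt) + tail

def same_middle(key: bytes, use_tweak: bool) -> bool:
    """True if both PANs encrypt to the same middle six digits."""
    a = protect_pan(key, PAN_A, use_tweak)
    b = protect_pan(key, PAN_B, use_tweak)
    return a[6:12] == b[6:12]

if __name__ == "__main__":
    for flag in (False, True):
        print("tweak" if flag else "no tweak",
              protect_pan(KEY, PAN_A, flag), protect_pan(KEY, PAN_B, flag),
              "dictionary entry reusable:", same_middle(KEY, flag))
```

Without the tweak, one known plaintext/ciphertext pair for `012345` applies to every card sharing those digits; with the tweak, the same pair only applies to a card whose other ten digits also match.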
Summary: a tweak is just a mechanism to add entropy between encryptions that could otherwise leak information. Using a tweak can significantly enhance security and is therefore strongly recommended.
*Format Preserving Encryption (FPE) is a process that deterministically encrypts plaintext into ciphertext that has the same character set and the same number of logical radix characters. This allows the encrypted data to be stored and transmitted by the same programs and databases that handled the plaintext data without modifying the service storing and transmitting the data. For example, a credit card number can be a 16-byte decimal string. If FPE is applied to the number, the ciphertext is also a 16-byte decimal string. Another example is encrypting an alphanumeric address, where the ciphertext must also be an alphanumeric string of the same length.