Advancements in Real-World Cryptography

On January 6, 2016, at the Real World Cryptography Conference 2016 at Stanford University, Dr. Phil Rogaway was recognized for his contributions to practical applications of cryptography when he was awarded the first annual Levchin Prize. The fact that Dr. Rogaway was recognized by the prize committee is very significant.

LevchinPrizesqFrom the Levchin Prize press release: “Rogaway is considered a giant in the field of symmetric encryption. He was given the Levchin Prize for his work on authenticated encryption and format preserving encryption.”

Saying that Dr. Rogaway is considered a giant in the field of symmetric encryption makes him sound quite impressive, but saying that he is a giant in this field is much like saying that Einstein was a giant in the field of physics: both of them made significant contributions to the field that fundamentally changed that way in which the rest of the field thinks today.

Dr. Rogaway was one of the pioneers that turned cryptography from a poorly understood black art into a science with rigorous mathematical foundations. Instead of just hoping that a cryptographic scheme is secure because nobody has found a weakness in it yet, we can now rigorously prove that certain weaknesses can never be found in carefully designed cryptographic schemes, no matter how clever and determined a hacker might be. That’s very useful.

But in addition to pioneering advances in theoretical cryptography, Dr. Rogaway also pioneered cryptographic technologies that have very practical applications in the real world. In particular, he made significant advances in understanding and applying the technology of format-preserving encryption (FPE).

Ciphertext from an encryption algorithm usually looks very different than the corresponding plaintext. If we encrypt the plaintext string “4111111111111111” using AES-ECB, for example, we might get a string like “MKSqwaywf4N8i9gEci4yTUTPalvnQBlBi+Uz6j1Tjig=” for our ciphertext.

If the original string represented a credit card number, the encrypted version will not look like a credit card number at all. It will contain characters other than the digits 0 through 9, and will be longer than the typical 16-character plaintext credit card number (This example shows a Base64 encoding of the ciphertext to ensure that we have printable characters. Otherwise, most of the ciphertext will probably be non-printable characters.).

Changing the format of data can cause problems in many of today’s legacy IT environments because some applications can only handle data that has a particular format, and modifications that work around this issue can be very expensive.

An approach that works well in many cases is to adapt the data to the environment instead of adapting the environment to the data. One way to do this is to implement encryption in such a way that ciphertext has the same format as the corresponding plaintext. This may be easy to do, but it is not easy to do securely.

To get ciphertext that has the same format as the corresponding plaintext, researchers have proposed many versions of FPE. The technology dates back to at least 1981, when the original US government guideline for implementing the Data Encryption Standard (DES) (FIPS 74) included a description of how to use DES encryption in a way that preserved the format of data on a character-by-character basis – mapping a decimal digit to another decimal digit, for example.

Over the following years, researchers proposed various other ad hoc (and non-secure) approaches to FPE, but in 2002 Dr. Rogaway (along with Dr. John Black), described three approaches to FPE and proved that they were secure.  The FFX modes of AES that are currently used to encrypt billions of credit card transactions each day represent the evolution of one of these approaches and the dramatic success of FPE technology should clearly indicate that Dr. Rogaway’s contributions to the field of cryptography are indeed of more than a purely theoretical nature.

So, congratulations, Dr. Rogaway, this is an award that is clearly justified.


— Luther Martin, HPE Security – Data Security Distinguished Technologist.  

Leave a Reply

Your email address will not be published. Required fields are marked *